Message-ID: <301326876.20080104222501@SECURITY.NNOV.RU>
Date: Fri, 4 Jan 2008 22:25:01 +0300
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: Danux <danuxx@...il.com>
Cc: vulnwatch@...nwatch.org, bugtraq@...urityfocus.com
Subject: Re: FortiGuard: URL Filtering Application Bypass Vulnerability

Dear Danux,

--Friday, January 4, 2008, 2:27:58 AM, you wrote to vulnwatch@...nwatch.org:


D> 1.- HTTP Requests are terminated by the CRLF characters.
D> 2.- Forcing to talk via HTTP/1.0 version so that don't send the host header.
D> 3.- Finally, by Fragmenting the GET or POST requests


D> Macula's Analysis: If you don't have properly installed some AV, HIPS,
D> etc, through this vuln, a workstation can connect to a malicious
D> "Hacking Site" and get infected.

 It must be already infected to issue a request like this, because all
 standard software always adds a Host: header and does not fragment requests.

D> Also through this vuln, you can
D> connect to different porn sites without problems. And no matter if it's
D> or not multi-homed web sites. So we consider it's not a low risk.

 O yeah.... It's a great security risk. My morality may be affected.

-- 
~/ZARAZA http://securityvulns.com/
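
A defender-side sketch of the point made in this reply, added here as an example and not part of the original message or of any vendor's code: since standard clients send a Host: header and do not split the request head, a filter or sensor can reassemble the segments first and flag requests that lack those traits. The function names, flag names and the fail-closed policy are assumptions, and the sample segments are constructed.

```python
# Added example: reassemble-then-inspect check for HTTP request heads.
# All names, flags and the policy below are hypothetical illustrations.

HEAD_END = b"\r\n\r\n"


def inspect_request(segments):
    """Return a sorted list of anomaly flags for one client request.

    `segments` holds the TCP payloads of the request in arrival order.
    """
    stream = b"".join(segments)  # inspect the reassembled stream, not each piece
    end = stream.find(HEAD_END)
    if end == -1:
        return ["incomplete-head"]  # head not finished yet: keep buffering

    flags = set()
    # Ordinary clients send the whole request head in the first segment.
    if end + len(HEAD_END) > len(segments[0]):
        flags.add("fragmented-head")

    lines = stream[:end].split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3:
        flags.add("malformed-request-line")
    elif parts[2] == b"HTTP/1.0":
        flags.add("http-1.0")

    # Header names are case-insensitive, so compare in lower case.
    names = {l.split(b":", 1)[0].strip().lower() for l in lines[1:] if b":" in l}
    if b"host" not in names:
        flags.add("no-host-header")
    return sorted(flags)


def filter_decision(flags):
    """Assumed policy: fail closed when no hostname can be categorised."""
    if "incomplete-head" in flags:
        return "buffer"
    if "no-host-header" in flags or "malformed-request-line" in flags:
        return "deny"
    return "categorise"


# Constructed sample traffic.
NORMAL = [b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"]
ODD = [b"GE", b"T /index.html HTTP/1.0\r\n", b"\r\n"]
```
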

