[<prev] [next>] [day] [month] [year] [list]
Message-ID: <50300000.1032549037@localhost>
From: pb at bieringer.de (Peter Bieringer)
Subject: Referrer log show some details about internal network
Hi,
shure not new, but an interesting kind of information disclosure of
an internal network:
http://192.168.***.***/exchange/*user1*/z_e-mails/noch_zu_erledigen
/FW:%20Doku%20fertig:%20FreeS_xF8FF_WAN-
RoadWarrior%20zu%20Check%20Point%20FW-1%20NG.EML?Cmd=open
http://192.168.***.***/exchange/*user2*/Inbox/FW:%20Doku%20fertig:%
20FreeS_xF8FF_WAN-RoadWarrior%20zu%20Che
ck%20Point%20FW-1%20NG.EML/1_text.htm?Security=2
Caused by an MS Exchange system?
Looks like proxies/firewalls should cut-off referrers which are
pointing to internal for privacy issue ;-)
Peter
---
Dr. Peter Bieringer
mailto: pb at bieringer dot de
http://www.bieringer.de/pb/
Key 0x958F422D : B501 24F4 9418 23E2 C0F3 F833 7B57 AA7B 958F 422D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020920/da373bb8/attachment.bin
Powered by blists - more mailing lists