Security Basics mailing list archives
WCCP security issue
From: "mickael kael" <mickael.kael () gmail com>
Date: Tue, 22 May 2007 12:55:25 +0200
Hello all, Does anyone is aware about WCCP design vulnerability ?. I am wondering if it is possible to send bad WCCP response to a router for bypassing proxy check ?
From cisco :
"Web Cache Packet Return If a cache engine is unable to provide a requested object it has cached due to error or overload, the cache engine will return the request to the router for onward transmission to the originally specified destination server. WCCPv2 provides a check on packets that determines which requests have been returned from the cache engine unserviced. Using this information, the router can then forward the request to the originally targeted server (rather than attempting to resend the request to the cache cluster). This provides error handling transparency to clients." Thanks in advance for your information, Best regards, Mk,
Current thread:
- WCCP security issue mickael kael (May 22)
- Re: WCCP security issue killy (May 23)