Bugtraq mailing list archives
netscreen flaw?
From: tito <mochafrap () mix ph>
Date: Fri, 05 Dec 2003 14:15:44 +0800
Hi! I have 5 NS500 boxes here with these details: Hardware Version: 4110(0) Software Version: 4.0.3r4.0 (Firewall+VPN) using netscreen's web UI on management, with the Idle timeout set to 15 minutes or if I want to logout, Internet Explorer would prompt me "The Web page you are viewing is trying to close the window. Do you want to close this window?" http://192.168.20.250/close.html*0 If I choose no, and go back to the navigator bar to re-enter the Netscreen management IP address http://192.168.20.250 will lead you directly to the home page http://192.168.20.252/top.html*6,1,1 I don't have to enter any login credentials to be able to to peak or tweak the firewall... this shouldn't be the case (even if you tell me to logout then close the window at all times, even if I disable cookies)(can't browse the web UI with my Internet Explorer security settings set to high.) as the idle timeout must always require me to re-enter my username/password after n minutes of inactivity. what do you think? thanks, tito basa makati, philippines
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.545 / Virus Database: 339 - Release Date: 11/27/2003
Current thread:
- netscreen flaw? tito (Dec 05)
- Re: netscreen flaw? Bryan Burns (Dec 05)