Firewall Wizards mailing list archives
Re: Variations of firewall ruleset bypass via FTP
From: Carson Gaspar <carson () taltos org>
Date: Fri, 11 Oct 2002 14:31:32 -0400
--On Friday, October 11, 2002 10:40 AM +0200 Mikael Olsson <mikael.olsson () clavister com> wrote:
Yes, if an attacker can create file names with CRLFs in them, we're most likely screwed no matter what we're running.
Unless the FTP software authors finally decide to support the RFC that telnet-escapes CR.
-- Carson _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Variations of firewall ruleset bypass via FTP, (continued)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Paul Robertson (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Paul D. Robertson (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Paul D. Robertson (Oct 12)
- Re: Variations of firewall ruleset bypass via FTP Al Potter (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Paul Robertson (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Darren Reed (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Carson Gaspar (Oct 11)
- Re: Variations of firewall ruleset bypass via FTP Paul D. Robertson (Oct 14)