Firewall Wizards mailing list archives
Re: OT, sorta: Breaking pipes?
From: Kurt Buff <kurt.buff () gmail com>
Date: Tue, 10 Nov 2009 12:27:05 -0800
On Sat, Nov 7, 2009 at 07:34, Chris Myers <clmmacunix () charter net> wrote:
Do you use Perl at all with CGI scripts? If so, this is just an example of what might be done with anything written with custom scripts. In this case, it is a specific vendor, but it could happen to anyone who does not code diligently. http://www.kb.cert.org/vuls/id/496064
We don't use perl/cgi here, but the example is instructive. This issue at hand is for web browsing by clients - the newish manager believes that it's just too annoying to add exceptions for the misbehaving web sites. Of course, it's not just the pipe character. It's also the other unsafe/unwise characters, and the URLs that are longer than 1024 characters, etc. At some point we may be hosting a web site locally, but that hasn't happened. This is really an education issue, so anything that I can add to the ammunition pile is helpful. Kurt _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- OT, sorta: Breaking pipes? Kurt Buff (Nov 05)
- Re: OT, sorta: Breaking pipes? Chris Myers (Nov 10)
- Re: OT, sorta: Breaking pipes? Kurt Buff (Nov 15)
- Re: OT, sorta: Breaking pipes? Chris Myers (Nov 10)