Bugtraq mailing list archives

Re: Bug in Winroute 3.04g

From: vision () WHITEHATS COM (Max Vision)
Date: Fri, 9 Apr 1999 16:12:05 -0700


On Fri, 9 Apr 1999, Michael R. Rudel wrote:

There is a bug in the remote proxy server admin part of Winroute 3.04g.
I have tested it on an earlier release (3.04a), and that is also
vulnerable.


Confirmed on Winroute Pro 3.04
http://localhost:3129/admin/config/ takes yous straight to the
configuration options without authentication.

If one is going to use Winroute, I highly recommend turning on the
packet filter found at Settings -> Advanced -> Packetfilter

An unrelated bug is that the packetfilter refuses to pass on tcp 139
regardless of implicite configuration otherwise.

Max

Current thread:

Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight, (continued)
- - Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Pavel Machek (Apr 09)
    - Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Luca Berra (Apr 10)
    - Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Miguel de Icaza (Apr 11)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Miguel de Icaza (Apr 05)
- Multiple WinGate Vulnerabilities[Tad late] Marc (Apr 05)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Stefan Rompf (Apr 06)
  - Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Viktor Fougstedt (Apr 07)
    - security hole (READ AS: security chasm) in ICQ-Webserver DaChronic (Apr 07)
    - Re: security hole (READ AS: security chasm) in ICQ-Webserver sven () MSC-MEDIA COM (Apr 08)
    - Bug in Winroute 3.04g Michael R. Rudel (Apr 08)
    - Re: Bug in Winroute 3.04g Max Vision (Apr 09)
    - Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Casper Dik (Apr 08)
  - Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight M.C.Mar (Apr 08)
- ALERT: No viruses in Acrobat Reader Sarah Rosenbaum (Apr 08)