Bugtraq mailing list archives
Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass
From: mrr () BRIG PCS K12 MI US (Michael R. Rudel)
Date: Wed, 12 Jul 2000 16:23:45 -0400
Yes, but has anyoen tried actually doing this with BorderManaer to see if it works? Novell isn't the best at obeying RFC standards, in my opinion. On Mon, 10 Jul 2000, Henrik Nordstrom wrote:
Knud Erik Højgaard wrote:has anyone tried the longip equivalent for the host? (for the few what dont know longip, try //echo -a $longip(123.45.67.89) in mIRC ) ... its a rather old spammer trick.. disguising the urls like http://43243234432/%43%76%32Which makes it a not valid URL. See RFC 1738 section 3.1 for valid host specifications in Internet URLs. Squid simply rejects such URL's as invalid, and there is no configuration option to enable them. -- Henrik Nordstrom
Current thread:
- Novell BorderManager 3.0 EE - Encoded URL rule bypass Kevin R Smith (Jul 05)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Vitaly Fedrushkov (Jul 06)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Knud Erik Højgaard (Jul 06)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Henrik Nordstrom (Jul 10)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Michael R. Rudel (Jul 12)
- The MDMA Crew's GateKeeper Exploit wizdumb () MDMA ZA NET (Jul 13)
- Big Brother filename extension vulnerability xternal (Jul 11)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Henrik Nordstrom (Jul 10)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Ted Behling (Jul 06)
- <Possible follow-ups>
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Frank Berzau (Jul 06)
- Novell BorderManager 3.0 EE - Encoded URL rule bypass Steve Banks (Jul 14)
- Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass Coward, Anonymous (Jul 14)