Bugtraq mailing list archives
Re: FortiGuard: URL Filtering Application Bypass Vulnerability
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 4 Jan 2008 22:25:01 +0300
Dear Danux, --Friday, January 4, 2008, 2:27:58 AM, you wrote to vulnwatch () vulnwatch org: D> 1.- HTTP Requests are terminated by the CRLF characters. D> 2.- Forcing to talk via HTTP/1.0 version so that dont send the host header. D> 3.- Finally, by Fragmenting the GET or POST requests D> Macula's Analysis: If you dont have properly installed some AV, HIPS, D> etc, through this vuln, a workstation can connect to a malicious D> "Hacking Site" and get infected. It must be already infected to issue request like this, because all standard software always add Host: header and do not fragment request. D> Also through this vuln, you can D> connect to different porn sites without problems. And no matter if its D> or not multi-homed web sites. So we consider its not a low risk. O yeah.... It's great security risk. My morality may be affected. -- ~/ZARAZA http://securityvulns.com/
Current thread:
- FortiGuard: URL Filtering Application Bypass Vulnerability Danux (Jan 04)
- Re: FortiGuard: URL Filtering Application Bypass Vulnerability 3APA3A (Jan 04)