Full Disclosure mailing list archives

Referrer log show some details about internal network

From: pb () bieringer de (Peter Bieringer)
Date: Fri, 20 Sep 2002 21:10:37 +0200

--==========898870887==========
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi,

shure not new, but an interesting kind of information disclosure of
an internal network:

http://192.168.***.***/exchange/*user1*/z_e-mails/noch_zu_erledigen
/FW:%20Doku%20fertig:%20FreeS_xF8FF_WAN-
RoadWarrior%20zu%20Check%20Point%20FW-1%20NG.EML?Cmd=open
 
http://192.168.***.***/exchange/*user2*/Inbox/FW:%20Doku%20fertig:%
20FreeS_xF8FF_WAN-RoadWarrior%20zu%20Che
ck%20Point%20FW-1%20NG.EML/1_text.htm?Security=2

Caused by an MS Exchange system?

Looks like proxies/firewalls should cut-off referrers which are
pointing to internal for privacy issue ;-)

        Peter
---
Dr. Peter Bieringer
mailto: pb at bieringer dot de
http://www.bieringer.de/pb/
Key 0x958F422D : B501 24F4 9418 23E2 C0F3  F833 7B57 AA7B 958F 422D
--==========898870887==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE9i3Kve1eqe5WPQi0RAuabAJkB3aiXkZ7Rf6D6lDZohmvgmMHJzwCg/HHD
T2leW0I2TZDDdZQe3sHMNFg=
=WarD
-----END PGP SIGNATURE-----

--==========898870887==========--

Current thread:

Referrer log show some details about internal network Peter Bieringer (Sep 20)