Penetration Testing mailing list archives
Re: By passing surf control
From: "Zach Forsyth" <Zach.Forsyth () kiandra com>
Date: Tue, 2 Mar 2004 12:00:43 +1100
-----Original Message-----
From: Lewis GySgt Richard C [mailto:LewisRC () 29palms usmc mil]
Sent: Thursday, 26 February 2004 9:14 AM
Subject: RE: By passing surf control

Kuda,

There is an exploit by changing the requested site's IP address to octal format. Read more here:
http://cert.uni-stuttgart.de/archive/bugtraq/2001/03/msg00305.html

There is also an exploit by sending the request in multiple packets. Read more here:
http://www.securityfocus.com/bid/2910

There is another exploit by appending a "." to the end of the requested site. Read more here:
http://www.securiteam.com/securityreviews/5SP010U0KQ.html

Hope this helps,
Richard Lewis
GSEC, Security+, CCNA, MCP

The octal obfuscation and most other obfuscation techniques have been fixed in SurfControl long ago. Those posts were from 2001 anyways...

Not sure on the proxy stuff as there are so many different ways to proxy. I can test it internally, just need some time to do it.

The "." vuln is also nonexistent anymore.

Cheers
Zach
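
The octal-IP and trailing-dot issues discussed in this thread both come down to a filter matching the raw host string instead of a canonical one. The following is an added example, not part of the original posts and not SurfControl's code: it canonicalises the host before the blocklist lookup, and goes slightly beyond the thread by accepting every numeric IPv4 spelling that inet_aton-style resolvers accept. The blocklist entries and function names are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed blocklist for illustration; entries are stored in canonical form.
BLOCKLIST = {"blocked.example", "192.0.2.10"}

def _parse_part(part):
    """Parse one IPv4 component as inet_aton-style resolvers do:
    0x prefix is hex, a leading 0 is octal, anything else is decimal."""
    p = part.lower()
    if p.startswith("0x"):
        body, base = p[2:], 16
    elif len(p) > 1 and p.startswith("0"):
        body, base = p[1:], 8
    else:
        body, base = p, 10
    allowed = "0123456789abcdef"[:base]
    if not body or any(c not in allowed for c in body):
        raise ValueError(part)
    return int(body, base)

def canonical_ipv4(host):
    """Return dotted-decimal text if host is a numeric IPv4 literal, else None."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        nums = [_parse_part(p) for p in parts]
    except ValueError:
        return None
    *lead, last = nums
    # The final component fills all remaining bytes of the address.
    if any(n > 255 for n in lead) or last >= 256 ** (4 - len(lead)):
        return None
    addr = last
    for i, n in enumerate(lead):
        addr |= n << (8 * (3 - i))
    return str(ipaddress.IPv4Address(addr))

def canonical_host(url):
    """Lower-case the host, drop a trailing root dot, normalise numeric IPs."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return canonical_ipv4(host) or host

def is_blocked(url):
    return canonical_host(url) in BLOCKLIST
```

The multiple-packet issue mentioned in the thread is a request-reassembly problem and is not covered by host canonicalisation.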