Vulnerability Development mailing list archives
Proxy bypass in Opera : security related ?
From: Nicolas Gregoire <ngregoire () exaprobe com>
Date: Wed, 05 Dec 2001 10:22:45 +0100
Hi, while I was trying to bypass some URL filtering software using specially formated URLs, I found a problem in the Opera browser. This bug was reported to Opera via their bug notification form, but I haven't receive any response so far. Details : ====== When the URL http://3638218280/ is requested, Opera will try to fetch to page located at http://216.218.206.40/ (normal DWord to IP address conversion [1]) *without* using the configured proxy settings. Scenario : ========= I haven't any really interesting scenario for this bug. Yes, it's possible to make a user follow a link and get a page without using the configured proxy, but if, in a company, there's a proxy and a way to fetch web pages without using the proxy, the problem is, in my opinion, a security policy problem .... Does anybody see any security implication for this bug ? Nicolas Grégoire [2] [1] : http://www.fichtner.net/tools/ip2dword/ [2] : Please excuse my poor english
Current thread:
- Proxy bypass in Opera : security related ? Nicolas Gregoire (Dec 05)
- Re: Proxy bypass in Opera : security related ? maillist (Dec 05)
- RE: Proxy bypass in Opera : security related ? Darren W. MacDonald (Dec 05)
- Re: Proxy bypass in Opera : security related ? Valdis . Kletnieks (Dec 05)
- Re: Proxy bypass in Opera : security related ? maillist (Dec 05)