From: Zach Forsyth (Zach.Forsyth@kiandra.com)
Date: Mon Mar 01 2004 - 20:00:43 EST
> -----Original Message-----
> From: Lewis GySgt Richard C [mailto:LewisRC@29palms.usmc.mil]
> Sent: Thursday, 26 February 2004 9:14 AM
> Subject: RE: By passing surf control
>
> Kuda,
>
> There is an exploit by changing the requested sites IP address
to
> octal format. Read more here:
>
> http://cert.uni-stuttgart.de/archive/bugtraq/2001/03/msg00305.html
>
> There is also an exploit by sending the request in multiple packets.
> Read more here:
>
> http://www.securityfocus.com/bid/2910
>
> There is another exploit by appending a "." to the end of the
> requested site. Read more here:
>
> http://www.securiteam.com/securityreviews/5SP010U0KQ.html
>
> Hope this helps,
> Richard Lewis
> GSEC, Security+, CCNA, MCP
>
The octal obfuscation and most other obfuscation techniques have been
fixed in surfcontrol long ago.
Those posts were from 2001 anyways...
Not sure on the proxy stuff as there are so many different ways to
proxy.
I can test it internally just need some time to do it.
The "." vuln is also non existant anymore.
Cheers
Zach
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_pen-test_040201
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:49 EDT