|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass
From: Henrik Nordstrom (hno
HEM.PASSAGEN.SE)Date: Mon Jul 10 2000 - 15:52:58 CDT
- Next message: xternal: "Big Brother filename extension vulnerability"
- Previous message: Marcus Danielsson: "Big Brother Vulnarability Scanner"
- In reply to: Knud Erik Højgaard: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Next in thread: Michael R. Rudel: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Reply: Henrik Nordstrom: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Reply: Michael R. Rudel: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Knud Erik Højgaard wrote:
> has anyone tried the longip equivalent for the host? (for the few what dont
> know longip, try //echo -a $longip(123.45.67.89) in mIRC ) ... its a rather
> old spammer trick.. disguising the urls like http://43243234432/%43%76%32
Which makes it a not valid URL. See RFC 1738 section 3.1 for valid host
specifications in Internet URLs.
Squid simply rejects such URL's as invalid, and there is no
configuration option to enable them.
-- Henrik Nordstrom
- Next message: xternal: "Big Brother filename extension vulnerability"
- Previous message: Marcus Danielsson: "Big Brother Vulnarability Scanner"
- In reply to: Knud Erik Højgaard: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Next in thread: Michael R. Rudel: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Reply: Henrik Nordstrom: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Reply: Michael R. Rudel: "Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]