Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Date: Thu Oct 18 2001 - 02:37:55 CDT
There is a flaw in many looking-glasses (most of them based on the
nitrous-digex one ) which allows attackers to gather information about
the network which is not intentionally provided through looking-glass
It seems that the looking-glass (which is usually written in Perl)
doesn't check the input properly for the validity of the input address.
when clicking bgp, to check an address in the bgp table, the attacker
can enter , instead of an ip address, the word "nei"(or neighbours)
and all bgp neighbours will be fully visible. In fact, any valid argument
in cisco IOS following sh ip bgp, can be entered.
Another example: <sh ip bgp> paths gives the full path table. This
puts some strain on routers and could be used to DOS the router if
no proper access security is provided.
Various other things can be done
workaround: check for a "." in the input . This shouldn't be too hard
to implement in the script :-)
Haven't checked for traversal possibilities yet ;-)