[10162] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Bug in Winroute 3.04g

daemon@ATHENA.MIT.EDU (Max Vision)
Fri Apr 9 19:06:10 1999

Date: 	Fri, 9 Apr 1999 16:12:05 -0700
Reply-To: Max Vision <vision@WHITEHATS.COM>
From: Max Vision <vision@WHITEHATS.COM>
X-To:         "Michael R. Rudel" <mrr@DODDS.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <370D83EE.4B2E088C@dodds.net>

On Fri, 9 Apr 1999, Michael R. Rudel wrote:
> There is a bug in the remote proxy server admin part of Winroute 3.04g.
> I have tested it on an earlier release (3.04a), and that is also
> vulnerable.
>

Confirmed on Winroute Pro 3.04
http://localhost:3129/admin/config/ takes yous straight to the
configuration options without authentication.

If one is going to use Winroute, I highly recommend turning on the
packet filter found at Settings -> Advanced -> Packetfilter

An unrelated bug is that the packetfilter refuses to pass on tcp 139
regardless of implicite configuration otherwise.

Max


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[10162] in bugtraq

Re: Bug in Winroute 3.04g

daemon@ATHENA.MIT.EDU (Max Vision)Fri Apr 9 19:06:10 1999

daemon@ATHENA.MIT.EDU (Max Vision)
Fri Apr 9 19:06:10 1999