[15755] in bugtraq
Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass
daemon@ATHENA.MIT.EDU (Henrik Nordstrom)
Wed Jul 12 15:18:28 2000
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Message-ID: <396A37AA.4E4B66C3@hem.passagen.se>
Date: Mon, 10 Jul 2000 22:52:58 +0200
Reply-To: hno@HEM.PASSAGEN.SE
From: Henrik Nordstrom <hno@HEM.PASSAGEN.SE>
X-To: Knud Erik Højgaard <kain@EGOTRIP.DK>
To: BUGTRAQ@SECURITYFOCUS.COM
Content-Transfer-Encoding: 8bit
Knud Erik Højgaard wrote:
> Has anyone tried the longip equivalent for the host? (for the few who don't
> know longip, try //echo -a $longip(123.45.67.89) in mIRC ) ... it's a rather
> old spammer trick.. disguising the urls like http://43243234432/%43%76%32
Which makes it not a valid URL. See RFC 1738 section 3.1 for valid host
specifications in Internet URLs.

Squid simply rejects such URLs as invalid, and there is no
configuration option to enable them.
--
Henrik Nordstrom
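
The host check referred to in this reply, sketched as an added example (not part of the original message and not Squid's code): it applies the RFC 1738 host grammar so a filtering proxy rejects an all-digit host before any URL rule is evaluated. The function names and the `www.example.com` sample are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Host grammar from the RFC 1738 BNF:
#   host        = hostname | hostnumber
#   hostname    = *[ domainlabel "." ] toplabel
#   domainlabel = alphadigit | alphadigit *[ alphadigit | "-" ] alphadigit
#   toplabel    = alpha | alpha *[ alphadigit | "-" ] alphadigit
#   hostnumber  = digits "." digits "." digits "." digits
_ALNUM = r"[A-Za-z0-9]"
_DOMAINLABEL = rf"{_ALNUM}(?:(?:{_ALNUM}|-)*{_ALNUM})?"
_TOPLABEL = rf"[A-Za-z](?:(?:{_ALNUM}|-)*{_ALNUM})?"
_HOSTNAME = re.compile(rf"(?:{_DOMAINLABEL}\.)*{_TOPLABEL}")
_HOSTNUMBER = re.compile(r"\d+\.\d+\.\d+\.\d+")


def classify_host(host):
    """Return 'hostnumber', 'hostname' or 'invalid' for a URL host string."""
    if _HOSTNUMBER.fullmatch(host):
        return "hostnumber"
    if _HOSTNAME.fullmatch(host):
        return "hostname"
    # A bare run of digits lands here: it is not four dotted groups, and a
    # toplabel must start with a letter.
    return "invalid"


def filter_decision(url):
    """Return (host, action): reject invalid hosts, else hand over to the ACLs."""
    host = urlsplit(url).hostname or ""
    verdict = classify_host(host)
    return host, ("reject" if verdict == "invalid" else "evaluate-acl")


if __name__ == "__main__":
    # First URL is the one quoted in the thread; the others are constructed.
    for sample in (
        "http://43243234432/%43%76%32",
        "http://123.45.67.89/",
        "http://www.example.com/index.html",
    ):
        print(sample, "->", filter_decision(sample))
```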