[15765] in bugtraq


Re: Novell BorderManager 3.0 EE - Encoded URL rule bypass

daemon@ATHENA.MIT.EDU (Michael R. Rudel)
Thu Jul 13 18:31:05 2000

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Message-Id:  <Pine.BSF.4.21.0007121623060.5054-100000@brig.pcs.k12.mi.us>
Date:         Wed, 12 Jul 2000 16:23:45 -0400
Reply-To: "Michael R. Rudel" <mrr@BRIG.PCS.K12.MI.US>
From: "Michael R. Rudel" <mrr@BRIG.PCS.K12.MI.US>
X-To:         Henrik Nordstrom <hno@HEM.PASSAGEN.SE>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <396A37AA.4E4B66C3@hem.passagen.se>
Content-Transfer-Encoding: 8bit

Yes, but has anyone tried actually doing this with BorderManager to see if
it works? Novell isn't the best at obeying RFC standards, in my opinion.

On Mon, 10 Jul 2000, Henrik Nordstrom wrote:

> Knud Erik Højgaard wrote:
> 
> > has anyone tried the longip equivalent for the host? (for the few who don't
> > know longip, try //echo -a $longip(123.45.67.89) in mIRC ) ... it's a rather
> > old spammer trick.. disguising the urls like http://43243234432/%43%76%32
> 
> Which makes it a not valid URL. See RFC 1738 section 3.1 for valid host
> specifications in Internet URLs.
> 
> Squid simply rejects such URLs as invalid, and there is no
> configuration option to enable them.
> 
> --
> Henrik Nordstrom
> 
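
The host check discussed in this thread, as an added example that is not part of the original messages and is not Squid or BorderManager code: a filter validates the host against the RFC 1738 section 3.1 grammar, denies anything that fails, and percent-decodes the path before matching rules. The function names and the 0-255 octet range check are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, unquote

# Host grammar from RFC 1738 (section 3.1 and the BNF in section 5).
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
_TOP = r"[A-Za-z](?:[A-Za-z0-9-]*[A-Za-z0-9])?"  # top label must start with a letter
_HOSTNAME = re.compile(rf"(?:{_LABEL}\.)*{_TOP}")
_HOSTNUMBER = re.compile(r"[0-9]{1,3}(?:\.[0-9]{1,3}){3}")  # exactly four dotted parts


def valid_rfc1738_host(host):
    """True if host is an RFC 1738 hostname or dotted-quad hostnumber."""
    if _HOSTNUMBER.fullmatch(host):
        # Range check is stricter than the RFC grammar (assumption of this example).
        return all(int(part) <= 255 for part in host.split("."))
    return _HOSTNAME.fullmatch(host) is not None


def canonicalize(url):
    """Return (host, decoded_path) for rule matching, or raise ValueError."""
    parts = urlsplit(url)
    host = parts.hostname  # lower-cased, with port and userinfo stripped
    if not host or not valid_rfc1738_host(host):
        raise ValueError(f"invalid host in URL: {url!r}")
    # Decode once so that %43%76%32 and Cv2 hit the same rule.
    return host, unquote(parts.path or "/")


def is_denied(url, denied_hosts, denied_prefixes):
    """Deny invalid URLs outright; match rules only on the canonical form."""
    try:
        host, path = canonicalize(url)
    except ValueError:
        return True
    return host in denied_hosts or any(path.startswith(p) for p in denied_prefixes)
```

A single-integer host fails both branches of the grammar: it has no dots, so it is not a hostnumber, and its only label starts with a digit, so it is not a hostname.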
