BugTraq
common dns misconfiguration can lead to "same site" scripting Jan 18 2008 04:40PM
Tavis Ormandy (taviso sdf lonestar org) (2 replies)
Re: common dns misconfiguration can lead to "same site" scripting Jan 21 2008 08:25AM
Florian Weimer (fweimer bfk de) (1 replies)
Re: common dns misconfiguration can lead to "same site" scripting Jan 21 2008 05:04PM
David Malone (dwmalone maths tcd ie) (1 replies)
Re: common dns misconfiguration can lead to "same site" scripting Jan 21 2008 05:19PM
Florian Weimer (fweimer bfk de)
Re: common dns misconfiguration can lead to "same site" scripting Jan 19 2008 12:02AM
Kurt Grutzmacher (grutz jingojango net)
On Fri, Jan 18, 2008 at 04:40:58PM +0000, Tavis Ormandy wrote:
> Hello, I'd like to document what appears to be a common named
> misconfiguration that can result in a minor security issue with web
> applications.

Interesting research, Tavis!

Have you looked at what a proxy-server would do with this type of
request? Most fail with "requested URL could not be retrieved" error but
some report the URL back to the browser. Squid in particular does but it
filters HTML characters.

Also if the proxy server is on a regular server (vs a content engine)
you can reach the local web server of the host. A possible way to reconfigure
home routers with proxy servers or enumerate if a transparent proxy is
in place.

--
..:[ grutz at jingojango dot net ]:..
GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4
"There's just no amusing way to say, 'I have a CISSP'."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFHkT4P7JUqA4yz7LQRAiEdAJ994o575jvYE0jpNeCOy2YS1SQL4QCdHN7Z
xCqRyUqP2Q4dG3htAFBajzU=
=Gvbd
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus