[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] HTTP Proxy Security Hole!!!
Interesting... I haven't tried this yet - but from what you are saying it seems more of a "configuration" issue rather than a security hole needing a patch. What did your rulebase look like when you did this test. Provide us more details... :) Amin Tora, CISSP Director, Secure+ ePlus Technology Inc. http://security.eplus.com **NOTICE** ------------------------------------------ This message may contain confidential and/or proprietary information, and is intended only for the person / entity to whom it was originally destined. The use of this information and unauthorized access to this information for any other means is strictly prohibited. The content of this message may also contain private views and opinions that do not constitute a formal disclosure or commitment unless specifically stated. If you have received this message in error or you are not the intended recepient(s), please notify the sender and delete the email from your computer(s). ------------------------------------------ > -----Original Message----- > From: Snyder, Ryan [mailto:[email protected]] > Sent: Monday, February 18, 2002 7:20 PM > To: [email protected] > Subject: [FW-1] HTTP Proxy Security Hole!!! > > > Try this on your firewall if you are running HTTP Proxy! > Checkpoint has yet > to release a fix. > > Step one: telnet to a machine behind the checkpoint firewall > on port 80 > (it can be a fake machine that doesn't exist, as long > as the name > resolves) > > Step two: Type the following: > >CONNECT mailserver.somecompany.com:25 / HTTP/1.0 > >User-Agent: eeep > >Cache-Control: private,no-cache > >Pragma: no-cache > > > > Step three: wait a moment for your SMTP banner to pop up. > > You can then send SPAM email, and it looks like it came from > your firewall. > I also found out that one can telnet to machines on a network that are > protected by the Firewall. > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|