Re: Bug in Winroute 3.04g

From: Max Vision (visionat_private)
Date: Fri Apr 09 1999 - 16:12:05 PDT

Next message: Peter Zuerrer: "Re: Lotus Notes Locations & DST"

Previous message: dreamerat_private: "New Novell Remote.NLM Password Decryption Algorithm with Exploit"
Maybe in reply to: Michael R. Rudel: "Bug in Winroute 3.04g"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 9 Apr 1999, Michael R. Rudel wrote:
> There is a bug in the remote proxy server admin part of Winroute 3.04g.
> I have tested it on an earlier release (3.04a), and that is also
> vulnerable.
>

Confirmed on Winroute Pro 3.04
http://localhost:3129/admin/config/ takes yous straight to the
configuration options without authentication.

If one is going to use Winroute, I highly recommend turning on the
packet filter found at Settings -> Advanced -> Packetfilter

An unrelated bug is that the packetfilter refuses to pass on tcp 139
regardless of implicite configuration otherwise.

Max

Next message: Peter Zuerrer: "Re: Lotus Notes Locations & DST"
Previous message: dreamerat_private: "New Novell Remote.NLM Password Decryption Algorithm with Exploit"
Maybe in reply to: Michael R. Rudel: "Bug in Winroute 3.04g"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:41:58 PDT