On Mon 14 Feb 2000 at 14:01:48 -0500, Kragen Sitaker wrote: > The successful exploit requires a remarkable chain of extreme forgiveness: > 1- The web browser must accept an illegal URL from (possibly valid, > although very unusual) HTML. > 2- The web browser must send an illegal HTTP request with the illegal > URL, without %-encoding the URL to make it legal. > 3- The HTTP server must accept the illegal HTTP request. Squid, when used as a proxy, does not accept these incorrect URLs. Since I installed it as a "transparent proxy", I tend to get error messages from Squid about this from time to time. Usually this is due to sloppy HREFs, not anything malicious. -Olaf. -- ___ Olaf 'Rhialto' Seibert - rhialtoat_private -- If one tells the truth, \X/ .kun.nl -- one is sure, sooner or later, to be found out. (Oscar Wilde)
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:06 PDT