Re: [fw-wiz] Variations of firewall ruleset bypass via FTP

• Previous message: Zill, Greg: "[fw-wiz] RE: block webex"
• In reply to: Mikael Olsson: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
• Next in thread: Philip J. Koenig: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--On Friday, October 11, 2002 10:40 AM +0200 Mikael Olsson 
<mikael.olssonat_private> wrote:

> Yes, if an attacker can create file names with CRLFs in them, we're
> most likely screwed no matter what we're running.

Unless the FTP software authors finally decide to support the RFC that 
telnet-escapes CR.

-- 
Carson

_______________________________________________
firewall-wizards mailing list
firewall-wizardsat_private
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Next message: Darren Reed: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
• Previous message: Zill, Greg: "[fw-wiz] RE: block webex"
• In reply to: Mikael Olsson: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
• Next in thread: Philip J. Koenig: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 11 2002 - 12:28:26 PDT