RE: Proxy bypass in Opera : security related ?

From: Darren W. MacDonald (darrydooat_private)
Date: Wed Dec 05 2001 - 19:38:24 PST

    Poor browsers, confused into thinking that this is Intranet traffic
    because it's dotless... <sigh>
    
    See MS KB Q306121 and MS Security Bulletin MS01-051 for details and a
    patch for IE.
    
    HTH
    Darren
    
    
    > -----Original Message-----
    > From: maillist [mailto:maillistat_private]
    > Sent: Wednesday, December 05, 2001 1:25 PM
    > To: vuln-devat_private
    > Subject: Re: Proxy bypass in Opera : security related ?
    > 
    > Hi,
    > I don't know if that's a problem caused only by Opera, I found that 'bug'
    > surfing with IE (6.0) too.
    > Trying to access different web pages, some of them listed my real IP address
    > instead of proxy address.
    > (e.g. trying to make an account at www.ifriends.com).
    > It might be a 'bug' in Opera/IE or a 'high security' web page.
    > 
    > 
    > ----- Original Message -----
    > From: "Nicolas Gregoire" <ngregoireat_private>
    > To: <vuln-devat_private>
    > Sent: Wednesday, December 05, 2001 11:22 AM
    > Subject: Proxy bypass in Opera : security related ?
    > 
    > 
    > > Hi,
    > >
    > > while I was trying to bypass some URL filtering software using specially
    > > formatted URLs, I found a problem
    > > in the Opera browser.
    > >
    > > This bug was reported to Opera via their bug notification form, but I
    > > haven't received any response so far.
    > >
    > > Details :
    > > ======
    > >
    > > When the URL http://3638218280/ is requested, Opera will try to fetch the
    > > page located at
    > > http://216.218.206.40/ (normal DWord to IP address conversion [1])
    > > *without* using the configured
    > > proxy settings.
    > >
    > > Scenario :
    > > =========
    > >
    > > I haven't any really interesting scenario for this bug.
    > > Yes, it's possible to make a user follow a link and get a page without
    > > using the configured proxy, but if,
    > > in a company, there's a proxy and a way to fetch web pages without using
    > > the proxy, the problem is,
    > > in my opinion, a security policy problem ....
    > >
    > >
    > > Does anybody see any security implication for this bug ?
    > >
    > >
    > > Nicolas Grégoire [2]
    > >
    > >
    > > [1] : http://www.fichtner.net/tools/ip2dword/
    > > [2] : Please excuse my poor English
    > >
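
Added example, not part of the original thread and not Opera's or IE's code: a sketch of the "dotless means intranet" rule Darren describes, next to a version that first normalises numeric hosts such as the 3638218280 form from Nicolas's report. The function names and the use of "private address range" as the intranet test for numeric hosts are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# One host component in C-style notation: hex (0x..), octal (0..) or decimal.
_NUM = re.compile(r"(0x[0-9a-f]+)|(0[0-7]*)|([1-9][0-9]*)")

def _part(tok):
    m = _NUM.fullmatch(tok.lower())
    if not m:
        return None
    hexa, octal, dec = m.groups()
    return int(hexa, 16) if hexa else int(octal, 8) if octal else int(dec)

def canonical_ipv4(host):
    """Return the dotted quad for an inet_aton-style numeric host, else None."""
    parts = [_part(p) for p in host.split(".")]
    if not 1 <= len(parts) <= 4 or any(p is None for p in parts):
        return None
    *head, last = parts
    # Leading components are single bytes; the last one fills the remaining bytes.
    if any(p > 0xFF for p in head) or last >= 256 ** (4 - len(head)):
        return None
    value = last
    for i, p in enumerate(head):
        value += p << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def naive_is_intranet(url):
    """The weak rule: any host without a dot is treated as intranet."""
    return "." not in (urlsplit(url).hostname or "")

def is_intranet(url):
    """Hardened rule: numeric hosts are judged by the address they encode."""
    host = urlsplit(url).hostname or ""
    ip = canonical_ipv4(host)
    if ip is not None:
        # Assumption: "intranet" for a literal address means a private range.
        return ipaddress.IPv4Address(ip).is_private
    return "." not in host

if __name__ == "__main__":
    # Constructed sample URLs; the first is the one quoted in the thread.
    for u in ("http://3638218280/", "http://0xD8.0xDA.0xCE.0x28/",
              "http://fileserver/", "http://167772161/"):
        host = urlsplit(u).hostname
        print(u, canonical_ipv4(host), naive_is_intranet(u), is_intranet(u))
```

The same normalisation belongs in URL filters and proxy exception lists, so that a rule written for 216.218.206.40 also matches its dword, hex and octal spellings.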
    



    This archive was generated by hypermail 2b30 : Wed Dec 05 2001 - 23:02:39 PST