HTTP Browser Authentification Bug and some more bugs

2004-04-01 Thread Konstantin

hi,

Further information is here:

http://www.ietf.org/rfc/rfc1945.txt

great idea until this is fixed (not mine):
Stop all http and https servers and don't visit
sites which work with the from design related unsecure http protocol!
HEY, don't blame me, it's translated from German to English, read for yourself:
http://www.heise.de/security/news/meldung/46175

there are some more:
squid has a security problem too, don't know whether the Debian packages have the same
problem:
https://rhn.redhat.com/errata/RHSA-2004-134.html
and tcpdump has 2 overflows:
http://www.rapid7.com/advisories/R7-0017.html




Greetz

Konstantin


-- 
Building an operating system without source code is like buying
a self-assembly Space Shuttle with no instructions.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Re: HTTP Browser Authentification Bug and some more bugs

2004-04-01 Thread Rolf Kutz
* Quoting Konstantin ([EMAIL PROTECTED]):

> Further information is here:
>
> http://www.ietf.org/rfc/rfc1945.txt
>
> great idea until this is fixed (not mine):
> Stop all http and https servers and don't visit
> sites which work with the from design related unsecure http protocol!
> HEY, don't blame me, it's translated from German to English, read for yourself:
> http://www.heise.de/security/news/meldung/46175

Hehe, April Fools' Day :) The other ones seem to
be real.

- Rolf

