RE: XWT Foundation Advisory: Firewall circumvention possible with all browsers

e, after all, smart people too. Sincerely, Jason Coombs [EMAIL PROTECTED] -Original Message- From: Microsoft Security Response Center [mailto:[EMAIL PROTECTED]] Sent: Monday, July 29, 2002 12:38 PM To: [EMAIL PROTECTED] Cc: Microsoft Security Response Center Subject: RE: XWT Foundation Ad

RE: XWT Foundation Advisory

ost: header configured. Sincerely, Jason Coombs [EMAIL PROTECTED] -Original Message- From: Thor Larholm [mailto:[EMAIL PROTECTED]] Sent: Monday, July 29, 2002 11:51 PM To: Microsoft Security Response Center; [EMAIL PROTECTED] Subject: RE: XWT Foundation Advisory > From: Microsoft Se

Re: XWT Foundation Advisory

"Thor Larholm" <[EMAIL PROTECTED]> writes: > I for one am in agreement on this issue, especially with regards to > "Default" sites on e.g. IIS - it is very uncommon for anyone to > serve content from the "Default" site (without checking the Host > header) these days. On the public Internet, you

RE: XWT Foundation Advisory

> From: Microsoft Security Response Center [mailto:[EMAIL PROTECTED]] I for one am in agreement on this issue, especially with regards to "Default" sites on e.g. IIS - it is very uncommon for anyone to serve content from the "Default" site (without checking the Host header) these days. That's n

RE: XWT Foundation Advisory: Firewall circumvention possible with all browsers

>The exploit allows an attacker to use any JavaScript-enabled web >browser behind a firewall to retrive content from (HTTP GET) and >interact with (HTTP POST) any HTTP server behind the >firewall. If the client in use is Microsoft Internet Explorer 5.0+, >Mozilla, or Netscape 6.2+, the attacker c

Re: XWT Foundation Advisory

On Mon, Jul 29, 2002 at 03:38:27PM -0700, Microsoft Security Response Center wrote: > > Hi All - > > We'd like to set the record straight as regards the advisory > published today by the XWT Foundation. > address the issue via a service pack. Accordingly, a fix has been > included in IE 6 Serv

RE: XWT Foundation Advisory

-BEGIN PGP SIGNED MESSAGE- Hi All - We'd like to set the record straight as regards the advisory published today by the XWT Foundation. Microsoft thoroughly investigated the issue described in the advisory, and discussed our findings in detail with the advisory's author. When the XWT

Re: XWT Foundation Advisory: Firewall circumvention possible with all browsers

On Mon, Jul 29, 2002 at 10:57:11AM -0700, Adam Megacz wrote: > Exploit > > 1) Attacker controls DNS zone *.baz.com, configuring it as follows: > > a) foo.bar.baz.com -> some web server operated by the attacker > b) bar.baz.com -> 10.0.0.9 (some address behind BigCo's firewall)