[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Fwd: Re: HTML Form Protocol Attack
From:       George Staikos <staikos () kde ! org>
Date:       2001-08-15 20:18:28
[Download RAW message or body]


Anyone tested this one?  It's not really critical imho, but it's still nice 
to avoid these situations.

----------  Forwarded Message  ----------

Subject: Re: HTML Form Protocol Attack
Date: Wed, 15 Aug 2001 20:37:55 +0100
From: Barnaby Gray <bgrg2@cam.ac.uk>
To: bugtraq@securityfocus.com

I tried this out on mozilla, lynx and netscape (all linux) and got the
following results:

mozilla 0.9.1

Pops up message:
"Access to the port number given has been disabled for security reasons."
When I tried to get it to connect to ftp (port 21) - however if you add
65536 to this value, so try submitting the form to 65557 it doesn't
complain and will connect to port 21, but gets stuck halfway through
the transmission, without submitting the evil data. Maybe there is a
way round that though.

lynx will connect fine without complaint.

netscape communicator (4.77) - couldn't get it to connect even with
the trick of wrapping the port number round.

Barnaby

On Wed, Aug 15, 2001 at 09:20:19AM +0200, Jochen Topf wrote:
> Some HTML browsers can be tricked through the use of HTML forms into
> sending more or less arbitrary data to any TCP port.

..

> Jochen

-------------------------------------------------------

-- 

George Staikos

[prev in list] [next in list] [prev in thread] [next in thread]