Bugtraq mailing list archives
Re: FireWall-1 FTP Server Vulnerability
From: chess () US IBM COM (chess () US IBM COM)
Date: Fri, 18 Feb 2000 16:22:19 -0500
a firewall has an icicle's chance in hell of adequately mimicking a system it is supposed to protect if it does so purely on the assumption that the code it is protecting works "correctly" by the firewall developer's interpretation of "correct".
Or, for that matter, by the official protocol spec's notion of "correct". And there, of course, is the rub! There's always some obscure syntax that as far as the firewall developer knows or the specs say has no interesting semantics at all, but that in fact some client or intervening server in the protected system interprets to mean "broadcast your password file to the universe" or "interpret the following bytes as a Perl script" or "set fire to the CPU". This also makes it hard to block JavaScript in your proxy, remove HTML markup from comments entered into your guestbook, or compose secure SQL queries based partially on user input. Kinda draws together a bunch of themes we've seen here lately! *8) Solutions? Maybe if all protocols for reading semantics from datastreams were specified in terms of completely automatable formal descriptions, and any manufacturer caught including semantics not described by the relevant published formal spec was declared a pariah... Not in this unverse, I suspect! But we can try to slog along in that direction. Other solutions? DC http://www.research.ibm.com/people/c/chess/
Current thread:
- Re: FireWall-1 FTP Server Vulnerability, (continued)
- Re: FireWall-1 FTP Server Vulnerability Mikael Olsson (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability Emiliano Kargieman (Feb 18)
- Patch Available for "Site Wizard Input Validation" Vulnerability Microsoft Product Security (Feb 18)
- Re: FireWall-1 FTP Server Vulnerability Dug Song (Feb 18)
- Re: FireWall-1 FTP Server Vulnerability Borbely Zoltan (Feb 15)
- Re: FireWall-1 FTP Server Vulnerability monti (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability Peter Benie (Feb 16)
- Re: FireWall-1 FTP Server Vulnerability Nick FitzGerald (Feb 17)
- ANN: Bruce 1.0ea2: Networked Host-Vulnerability Scanner for Solaris & Linux Alec Muffett (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability der Mouse (Feb 17)
- Re: FireWall-1 FTP Server Vulnerability chess () US IBM COM (Feb 18)