Bugtraq mailing list archives

Re: SurfControl Bypass Vulnerability

From: Dag-Erling Smorgrav <des () THINKSEC COM>
Date: Fri, 23 Mar 2001 10:40:36 +0100

"Chris St. Clair" <chris_stclair () HOTMAIL COM> writes:

0xc0.168.000000001.1

Coming up with an effective regex to match that might be tough.


Not really.  Here's a Perl regexp that matches the general syntax:

  /^(0x[\dA-F]+|\d+)(\.(0x[\dA-F]+|\d+)){3}$/i

Strings matching this regexp can be converted to a struct in_addr
using inet_aton() on OSes whose libc provide it; those stuck with
inferior OSes can obtain the code from e.g. FreeBSD's CVS tree:
http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/net/inet_addr.c

DES
-- 
Dag-Erling Smørgrav - des () thinksec com

Current thread:

Re: SurfControl Bypass Vulnerability, (continued)
- Re: SurfControl Bypass Vulnerability Chris St. Clair (Mar 22)
  - Re: SurfControl Bypass Vulnerability Darren Reed (Mar 23)
    - Re: SurfControl Bypass Vulnerability Paul Cardon (Mar 23)
    - Re: SurfControl Bypass Vulnerability Dan Harkless (Mar 25)
    - Re: SurfControl Bypass Vulnerability Ben Ford (Mar 26)
    - Re: SurfControl Bypass Vulnerability Valdis Kletnieks (Mar 26)
    - Re: SurfControl Bypass Vulnerability c0ncept (Mar 26)
    - Re: SurfControl Bypass Vulnerability Ryan Russell (Mar 26)
  - Re: SurfControl Bypass Vulnerability Andrew Moran (Mar 23)
  - Re: SurfControl Bypass Vulnerability Riad S. Wahby (Mar 23)
  - Re: SurfControl Bypass Vulnerability Dag-Erling Smorgrav (Mar 23)
- Re: SurfControl Bypass Vulnerability King, John (Mar 23)
- Re: SurfControl Bypass Vulnerability ASMDood (Mar 23)