Bugtraq mailing list archives
Re: Non-standard usage of HTTP proxy servers
From: "Philip Stoev" <philip () stoev org>
Date: Mon, 22 Oct 2001 19:08:59 +0300
Using Squid, one can do acl Safe_ports port 80 81 21 443 563 70 210 1025-65535 http_access deny !Safe_ports to prevent that attack. It is well documented in squid.conf and is turned on by default, I believe Philip ----- Original Message ----- From: "Alexander Yurchenko" <grange () rt mipt ru> To: <bugtraq () securityfocus com> Sent: Monday, October 22, 2001 3:34 AM Subject: Non-standard usage of HTTP proxy servers
It's possible to connect to one of the numerous public HTTP proxy servers and send a request like: POST http://some.host:25/ HTTP/1.0 giving the SMTP commands as a content.
Current thread:
- Non-standard usage of HTTP proxy servers Alexander Yurchenko (Oct 22)
- Re: Non-standard usage of HTTP proxy servers Keith Young (Oct 22)
- Re: Non-standard usage of HTTP proxy servers Philip Stoev (Oct 22)