Bugtraq mailing list archives
Re: Fwd: IE 5.x keep-alive session hijacking
From: Waldo Bastian <bastian () kde org>
Date: Thu, 4 Sep 2003 22:22:36 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 04 September 2003 17:45, you wrote:
Hi, sorry for being innacurate, but I noticed that our transparent-proxy system is trying (and even to succeeds at some level) to hijack client http connections.
Sounds like a bug in your proxy that it doesn't filter the Proxy-Connection headers out. See e.g. http://ftp.ics.uci.edu/pub/ietf/http/hypermail/1999/0040.html Cheers, Waldo - -- bastian () kde org -=|[ SuSE, The Linux Desktop Experts ]|=- bastian () suse com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/V58NN4pvrENfboIRAub0AKCOIiBtyN+wXvIPr64RZMM92KaQ8gCfdlP2 EbxkGX0XmCu8owndG2cfLVo= =Bo7H -----END PGP SIGNATURE-----
Current thread:
- IE 5.x keep-alive session hijacking Domas Mituzas (Sep 03)
- Re: IE 5.x keep-alive session hijacking 3APA3A (Sep 04)
- <Possible follow-ups>
- Re: Fwd: IE 5.x keep-alive session hijacking Waldo Bastian (Sep 04)