Full Disclosure mailing list archives
Re: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass
From: Shawn McMahon <smcmahon () eiv com>
Date: Wed, 4 Jun 2003 12:34:43 -0400
On Mon, Jun 02, 2003 at 03:36:52PM -0500, Brent J. Nordquist said:
LOL, oops. Someone pointed out to me a while back that RFC 2606 reserves "example.com" "example.org" and "example.net" for this kind of purpose.
Even barring such considerations as DNS poisoning, wags at ICANN setting up SMTP servers, etc., it still doesn't strike me as optimal to have thousands of machines attempting constant SMTP connections to 192.0.34.166 just because an RFC mentioned it was possible. -- Shawn McMahon | Let every nation know, whether it wishes us well or ill, EIV Consulting | that we shall pay any price, bear any burden, meet any UNIX and Linux | hardship, support any friend, oppose any foe, to assure http://www.eiv.com| the survival and the success of liberty. - JFK
Attachment:
_bin
Description:
Current thread:
- Re: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass Shawn McMahon (Jun 02)
- <Possible follow-ups>
- Re: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass Brent J. Nordquist (Jun 02)
- example.{com,org,net} Brian Hatch (Jun 02)
- Re: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass Shawn McMahon (Jun 04)