Security Incidents mailing list archives
Re: iPlanet Server vulnerable to HTTP TCP HEAD Attack
From: "Jeff" <spam-fighter () bigfoot com>
Date: Thu, 11 Apr 2002 01:18:12 -0400
Luis, Your server appears to be able to proxy anonymously when prompted with HTTP HEAD because it is running "Proxy-agent: iPlanet-Web-Proxy-Server/3.6" without enough access restrictions. Check the access restriction capability of that server against its administration manuals, specifically the "Restricting Access" section of Chapter 5 starting at http://docs.iplanet.com/docs/manuals/proxy/36/adminux/access.htm#1014180 for Unix or http://docs.iplanet.com/docs/manuals/proxy/36/adminnt/access.htm#15490 for NT. Best Regards, Jeff. ----- Original Message ----- From: "Mendoza Bazan, Luis - (Per)" <luis.mendoza () attla com> To: <incidents () securityfocus com>; <bugtraq () securityfocus com>; <vuln-dev () securityfocus com> Sent: Wednesday, April 10, 2002 11:45 AM Subject: iPlanet Server vulnerable to HTTP TCP HEAD Attack Hi, I have an iPlanet server that work as email server. This server has the following services enabled: SMTP, POP3 and HTTP. We detect the evidence that is in the files attached. If you know some advice or workaround about this, it will be welcome. We are searching in Sun some info but cannot find it. Best regards
Luis Mendoza * luis.mendoza () attla com Esta comunicación es de carácter personal y no representa la posición
oficial de AT&T Latin America - Perú
This communication is of personal character and it doesn't represent the
official position of AT&T Latin America - Peru ---------------------------------------------------------------------------- ---- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- iPlanet Server vulnerable to HTTP TCP HEAD Attack Mendoza Bazan, Luis - (Per) (Apr 10)
- Re: iPlanet Server vulnerable to HTTP TCP HEAD Attack Jeff (Apr 11)
- Re: iPlanet Server vulnerable to HTTP TCP HEAD Attack Paul Cardon (Apr 11)