Shorewall users - Jan 2003 - WHITEHAT DISCOVERS SERIOUS SECURITY FLAW AFFECTING ALL WEB SERVER S WORLDWIDE

FYI,

Santa Clara, Calif., Jan. 20, 2003 -- WhiteHat Security, Inc. a Santa Clara,

California based company that specializes in Web Application Security, has 
discovered a serious security flaw affecting all web server world wide. From

months of extensive research and testing, WhiteHat has found a way to
exploit 
a flaw in the way all web servers communicate.

http://www.whitehatsec.com/press_releases/WH-PR-20030120.txt


Mike

cheers();

Slightly off-topic, but even more infos.

> Santa Clara, Calif., Jan. 20, 2003 -- WhiteHat Security, Inc. a Santa
Clara,
> 
> California based company that specializes in Web Application Security, has 
> discovered a serious security flaw affecting all web server world wide.
From
> 
> months of extensive research and testing, WhiteHat has found a way to
> exploit 
> a flaw in the way all web servers communicate.
> 
> http://www.whitehatsec.com/press_releases/WH-PR-20030120.txt

That''s only the press release. More links (incl. the whitepaper) and
some thoughts about that in the thread on bugtraq:

http://online.securityfocus.com/archive/1/308161/2003-01-21/2003-01-27/1


[ press release ]
> After discovering the vulnerability, WhiteHat attempted to find a way to
> mitigate the issue on web servers but found that no web servers had the
> ability to disable the TRACE command.
They don''t know about apache''s RewriteEngine, do they? ;-)

 karsten


-- 
char
*t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8?
c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){
putchar(t[s]);h=m;s=0; }}}