Great Circle Associates Firewalls
(March 1994) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Mosaic and ANS Interlock
From: "Fuat C. Baran" <fuat @ watsun . cc . columbia . edu>
Date: Tue, 29 Mar 94 10:53:15 EST
To: Frederick M Avolio <avolio @ tis . com>
Cc: firewalls @ greatcircle . com, Scott Chasin <chasin @ crimelab . crimelab . com>
In-reply-to: Your message of Tue, 29 Mar 94 09:40:28 -0500
Office: 703 Watson, 212-854-4804, Fax: 212-662-6442 
>Is there anyone who has analyzed this for security implications? Why
>buy a nice, strong, iron door and then cut big holes in it?  Scary
>stuff, I think...  I'd love to see anyone's work on examining this
>sort of thing through a firewall (anyone's). 

The current version of NCSA's Mosaic for UNIX has a gaping hole in it.
(See postings in comp.security.*.)  Assuming the firewall just ships
bits across the firewall and doesn't do a thorough job of sanitizing
the html (which Mosaic should have done anyway, even in a non-firewall
environment), then you've got problems.

						--Fuat



Columbia University				fuat @
 columbia .
 edu
703 Watson Labs					212-854-4804
612 W115th Street				212-662-6442 (Fax)
New York, NY 10025
Indexed By Date Previous: Re: mis-use of telnet (was: Re: Hey the crackers have a new twist...)
From: lacoursj @ uprc . com (Jeffrey D. LaCoursiere)
Next: Re: FAQ --- cheap packet screening tools
From: Dave Mischler <mischler @ Cubic . COM>
Indexed By Thread Previous: Re: Mosaic and ANS Interlock
From: Frederick M Avolio <avolio @ tis . com>
Next: Mosaic and ANS Interlock
From: kshores @ cclink . draper . com
Google
 
Search Internet Search www.greatcircle.com