[squid-users] filtering new IE exploit

From: DB <DB@dont-contact.us>
Date: Thu, 11 Dec 2003 10:07:40 -0500

I saw a new IE exploit descibed as follows:

---------------------
http://www.secunia.com/advisories/10395/

Example displaying only "http://www.trusted_site.com" in the address bar
when the real domain is "malicious_site.com":
http://www.trusted_site.com%01@malicious_site.com/malicious.html
--------------------

I'm trying to use an acl to prevent access to such urls. I tried this:

acl ieflaw url_regex %01@

and

http_access deny ieflaw

but this doesn't seem to do anything at all

Can anyone help? This problem could be serious and who know when M$ will
get it patched.

DB
Received on Thu Dec 11 2003 - 08:07:37 MST

This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:10 MST