Overview
SurfControl SuperScout Web Filter does not block some HTTP requests that have been fragmented into multiple packets.
Description
SurfControl SuperScout Web Filter is software intended for companies that wish to limit employees' web surfing to appropriate uses. SuperScout anazlyzes individual packets that contain an HTTP GET request and a "Host:" header to determine whether an HTTP request to an inappropriate Web site is being made. SuperScout does not keep state of previous packets. Therefore, it will not block HTTP GET requests if the "Host:" header appears in a separate packet. |
Impact
Users can bypass SuperScout filtering and access blocked Web content. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
None. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Security Tracker for publishing an article on this issue.
This document was written by Shawn Van Ittersum.
Other Information
| CVE IDs: | None |
| Severity Metric: | 0.30 |
| Date Public: | 2001-06-21 |
| Date First Published: | 2002-08-09 |
| Date Last Updated: | 2002-08-09 00:30 UTC |
| Document Revision: | 21 |