Mailing List Archive: First NASL script, be gentle (F5 cookie decoder)

You solution link returns a 404. F5's web site is horribly designed, and I
can't find any references to this issue there.

Do you have any additional information?

Jerry Heidtke, CISSP

Lead Information Security Analyst
MGIC Information Security
414-347-6837

Jon Passki <cykyc@yahoo.com>
Sent by: plugins-writers-bounces@list.nessus.org
10/07/2005 08:46 PM
Please respond to
cykyc@yahoo.com

To
plugins-writers@list.nessus.org
cc

Subject
[Plugins-writers] First NASL script, be gentle (F5 cookie decoder)

Hello All,

Please give the script located at [1] a spin. Here's the
description:

desc["english"] = "
The F5 BigIP load balancer encodes within a cookie the IP address
of the
actual web server it is acting on behalf of. This value may
disclosure
sensitive information, such as internal IP addresses.
BIG-IP(R) is a registered trademark of F5 Networks, Inc.

Solution:
http://www.f5.com/solutions/archives/techbriefs/cookie.html

Risk factor : Low";

There's a bunch of sites that set this, from my cookie viewing, so
enjoy!

Jon

[1] http://www.visi.com/~jpasski/bigip_cookie.nasl
MD5 http://www.visi.com/~jpasski/bigip_cookie.nasl.md5
MD5 referral
http://www.visi.com/~jpasski/e72562e00de0b699f611089fe7d35916

__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers

_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers