Firewall-1 Allows Script Rule Circumvention
Reported January 30, 2000 by Arne Vidstrom
The "Strip Script Tags" in FW-1 can be circumvented by adding an extra less than sign (<) before the actual <SCRIPT> tag in the body of an HTML document.
For example, the following code works to bypass Firewall-1 rules.
Checkpoint is aware of the issue however no response was known at the time of this writing.
Discovered by Arne Vidstrom