HTTP Proxy CONNECT Request Relaying

This script is Copyright (C) 1999-2013 Tenable Network Security, Inc.


Synopsis :

The HTTP proxy can be used to establish interactive sessions.

Description :

The proxy allows the users to perform CONNECT requests such as

CONNECT http://cvs.nessus.org:23

This request gives the person who made it the ability to have an
interactive session with a third-party site.

This problem may allow attackers to bypass your firewall by connecting
to sensitive ports such as 23 (telnet) via the proxy, or it may allow
internal users to bypass the firewall rules and connect to ports or
sites they should not be allowed to.

In addition, your proxy may be used to perform attacks against other
networks.

Solution :

Reconfigure your proxy so that it refuses CONNECT requests.

Risk factor :

None

Family: Firewalls

Nessus Plugin ID: 10192 ()

Bugtraq ID:

CVE ID: