HTTP Proxy Arbitrary Site/Port Relaying

medium Nessus Plugin ID 10193

Synopsis

The remote proxy can be used to connect to arbitrary ports.

Description

The remote proxy allows anyone to make requests to arbitrary ports, such as:

'GET http://cvs.nessus.org:110'.

This problem may allow attackers to bypass your firewall by connecting through the proxy to sensitive ports such as 25 (sendmail). It might also be used to perform attacks against other networks.

Solution

Set up ACLs to prevent your proxy from connecting to non-authorized ports.
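The port check such an ACL performs can be sketched as follows. This is an added example, not code from the plugin or from any proxy product; the allow-lists `SAFE_PORTS` and `CONNECT_PORTS`, the function names and the sample request lines other than the one quoted above are assumptions.

```python
from urllib.parse import urlsplit

# Assumed policy (not from the page): destination ports the proxy may relay to.
SAFE_PORTS = {80, 443, 8080}      # ordinary proxied requests
CONNECT_PORTS = {443}             # CONNECT tunnels
DEFAULT_PORTS = {"http": 80, "https": 443}


def target_port(request_line):
    """Return (method, host, port) for a proxy request line, or None if unusable."""
    parts = request_line.split()
    if len(parts) < 2:
        return None
    method, target = parts[0].upper(), parts[1]
    try:
        if method == "CONNECT":
            # CONNECT uses authority-form: host:port, the port is mandatory.
            url = urlsplit("//" + target)
            host, port = url.hostname, url.port
        else:
            # A forward proxy expects absolute-form: scheme://host[:port]/path
            url = urlsplit(target)
            host = url.hostname
            port = url.port
            if port is None:
                port = DEFAULT_PORTS.get(url.scheme.lower())
    except ValueError:
        # Non-numeric or out-of-range port, malformed IPv6 literal, etc.
        return None
    if not host or port is None:
        return None
    return method, host, port


def is_allowed(request_line):
    """Default deny: relay only when the destination port is on the allow-list."""
    parsed = target_port(request_line)
    if parsed is None:
        return False
    method, _host, port = parsed
    allowed = CONNECT_PORTS if method == "CONNECT" else SAFE_PORTS
    return port in allowed


if __name__ == "__main__":
    # Constructed sample input; the first line is the request quoted in the description.
    for line in ("GET http://cvs.nessus.org:110",
                 "GET http://www.example.com/ HTTP/1.1",
                 "CONNECT mail.example.com:25 HTTP/1.1",
                 "CONNECT www.example.com:443 HTTP/1.1"):
        print("ALLOW" if is_allowed(line) else "DENY ", line)
```

Requests that cannot be parsed into a host and port are denied rather than relayed, so a malformed target never falls through to a default destination.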

Plugin Details

Severity: Medium

ID: 10193

File Name: proxy_port.nasl

Version: 1.28

Type: remote

Family: Firewalls

Published: 6/22/1999

Updated: 1/25/2013

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Proxy/usage