HTTP Proxy Arbitrary Site/Port Relaying

This script is Copyright (C) 1999-2013 Tenable Network Security, Inc.


Synopsis :

The remote proxy can be used to connect to arbitrary ports

Description :

The remote proxy, allows everyone to perform requests against
arbitrary ports, such as :

'GET http://cvs.nessus.org:110'.

This problem may allow attackers to go through your firewall,
by connecting to sensitive ports like 25 (sendmail) using the
proxy. In addition to that, it might be used to perform attacks
against other networks.

Solution :

Set up ACLs in place to prevent your proxy from accepting to
connect to non-authorized ports.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Firewalls

Nessus Plugin ID: 10193 ()

Bugtraq ID:

CVE ID: