HTTP Proxy POST Request Relaying

This script is Copyright (C) 1999-2013 Tenable Network Security, Inc.

Synopsis :

Interactive sessions can be open through the HTTP proxy.

Description :

The proxy allows the users to perform POST requests such as


without any Content-length tag.

This request may give an attacker the ability to have an interactive

This problem may allow attackers to go through your firewall, by
connecting to sensitive ports like 23 (telnet) using your proxy, or it
can allow internal users to bypass the firewall rules and connect to
ports they should not be allowed to.

In addition to that, your proxy may be used to perform attacks against
other networks.

Solution :

Reconfigure your proxy so that only the users of the internal network
can use it, and so that it can not connect to dangerous ports (1-1024).

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Firewalls

Nessus Plugin ID: 10194 ()

Bugtraq ID:


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial