Synopsis
The remote proxy may be vulnerable to a denial of service.
Description
The proxy allows the users to perform repeated CONNECT requests to itself.
This allow anybody to saturate the proxy CPU, memory or file descriptors.
** Note that if the proxy limits the number of connections
** from a single IP (e.g. acl maxconn with Squid), it is
** protected against saturation and you may ignore this alert.
Solution
Reconfigure your proxy so that it refuses CONNECT requests to itself.
Plugin Details
File Name: http_proxy_loop_connect.nasl
Supported Sensors: Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
Required KB Items: Proxy/usage