Misconfigured SOCKS filtering

This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.


Synopsis :

Network access policies may be circumvented.

Description :

A private network can be reached through the SOCKS proxy.

The reachable IP address of this SOCKS proxy is public, and its
'external' address is private. Using the SOCKS proxy, an attacker may
connect to internal machines that run on RFC1918 addresses, which are
expected to be unreachable from the public Internet.

Solution :

Reconfigure the proxy so that it rejects connections on its public
interface or at least, enforces authentication.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

Family: Firewalls

Nessus Plugin ID: 48406 ()

Bugtraq ID:

CVE ID: