The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143.
https://exchange.xforce.ibmcloud.com/vulnerabilities/26351
http://www.vupen.com/english/advisories/2006/1762
http://www.securityfocus.com/bid/17937
http://www.cisco.com/warp/public/707/cisco-sa-20060510-avs.shtml