HTTP Proxy POST Request Relaying

medium Nessus Plugin ID 10194

Language:

Synopsis

Interactive sessions can be open through the HTTP proxy.

Description

The proxy allows the users to perform POST requests such as

POST http://cvs.nessus.org:21

without any Content-length tag.

This request may give an attacker the ability to have an interactive session.

This problem may allow attackers to go through your firewall, by connecting to sensitive ports like 23 (telnet) using your proxy, or it can allow internal users to bypass the firewall rules and connect to ports they should not be allowed to.

In addition to that, your proxy may be used to perform attacks against other networks.

Solution

Reconfigure your proxy so that only the users of the internal network can use it, and so that it can not connect to dangerous ports (1-1024).

Plugin Details

Severity: Medium

ID: 10194

File Name: proxy_post.nasl

Version: 1.23

Type: remote

Family: Firewalls

Published: 6/22/1999

Updated: 9/13/2021

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score based on analysis of vulnerability.

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Required KB Items: Proxy/usage

Detections

Analytics