SOCKS5 Server Recursive Connection Remote DoS

medium Nessus Plugin ID 17156

Synopsis

The remote proxy is vulnerable to denial of service.

Description

It was possible to connect to the SOCKS5 server through itself.

This allows anybody to saturate the proxy CPU, memory or file descriptors.

Solution

Reconfigure your proxy so that it refuses connections to itself.

See Also

https://tools.ietf.org/html/rfc1928

Plugin Details

Severity: Medium

ID: 17156

File Name: socks5_loop_connect.nasl

Version: 1.13

Type: remote

Family: Firewalls

Published: 2/20/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P