HTTP Proxy Open Relay Detection

Info Nessus Plugin ID 10195

Synopsis

The remote web proxy server accepts requests.

Description

The remote web proxy accepts unauthenticated HTTP requests from the Nessus scanner. By routing requests through the affected proxy, a user may be able to gain some degree of anonymity while browsing websites, which will see requests as originating from the remote host itself rather than the user's host.

Solution

Make sure access to the proxy is limited to valid users / hosts.

Plugin Details

Severity: Info

ID: 10195

File Name: proxy_use.nasl

Version: Revision: 1.42

Type: remote

Family: Firewalls

Published: 1999/06/22

Updated: 2014/04/25

Dependencies: 10582, 34474, 17975

Risk Information

Risk Factor: Info