Finjan SurfinGate Proxy FHTTP Command Admin Functions Authentication Bypass

High Nessus Network Monitor Plugin ID 1169

Synopsis

The remote proxy can be tricked into executing commands.

Description

The remote host is running a Finjan proxy. It may be possible to make this proxy connect to itself and, through that loop, issue administrative commands to the service without authentication. An attacker may use this flaw to force the proxy to restart continuously, although other administrative commands might also be executable.

Solution

Block all connections to '*:ControlPort'.

See Also

http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0929.html

Plugin Details

Severity: High

ID: 1169

Family: Web Servers

Published: 2004/08/20

Modified: 2018/07/11

Dependencies: 1442

Nessus ID: 12036

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:W/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 7.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:H/RL:W/RC:C

Vulnerability Information

CPE: cpe:/a:finjan_software:surfingate

Reference Information

CVE: CVE-2004-2107

BID: 9478