Finjan SurfinGate Proxy FHTTP Command Admin Functions Authentication Bypass

Severity: High | Nessus Network Monitor Plugin ID 1169

Synopsis

The remote proxy can be tricked into executing commands.

Description

The remote host is running a Finjan proxy. It may be possible to use this proxy to connect back to itself and then issue administrative commands to the service without authenticating. An attacker may use this flaw to force the proxy to restart continuously, though other administrative commands may also be executable.

Solution

Block all connections to '*:ControlPort'.

See Also

http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0929.html

Plugin Details

Severity: High

ID: 1169

Family: Web Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 12036

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:W/RC:C

Vulnerability Information

CPE: cpe:/a:finjan_software:surfingate

Reference Information

CVE: CVE-2004-2107

BID: 9478