Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WebWasher Proxy Server < 3.4 Detection



The remote host may give an attacker information useful for future attacks.


There is a flaw in the remote WebWasher Proxy. The proxy, when issued a CONNECT command for (or localhost/loopback), will comply with the request and initiate a connection to the local machine. This bypasses any sort of firewalling as well as gives access to local applications that are only bound to the loopback.


upgrade to version 3.4 or higher.