Family: Firewalls --> Category: infos
Gopherd Proxy Usage Vulnerability Scan
Vulnerability Scan Summary
Acertains if gopherd can be used as a proxy
Detailed Explanation for this Vulnerability Test
The remote host is running a Gopher server.
It is possible to make the remote server connect to third
party FTP sites by sending the request 'ftp://hostname.of.the.ftp.server'.
A possible hacker may exploit this flaw to connect to use the remote
gopher daemon as a proxy to connect to FTP servers without disclosing
their IP address.
A possible hacker could also exploit this flaw to 'ping' the hosts
of your network.
Solution : Disable FTP support in the remote gopher server
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.