|
|
Family: Firewalls --> Category: infos
Usable remote proxy on any port Vulnerability Scan
Vulnerability Scan Summary
Acertains if we can use the remote web proxy against any port
Detailed Explanation for this Vulnerability Test
The proxy, allows everyone to perform requests
against arbitrary ports, like
'GET http://cvs.nessus.org:110'.
This problem may allow attackers to go through your
firewall, by connecting to sensitive ports like 25 (sendmail)
using your proxy. In addition to that, your proxy may be used
to perform attacks against other networks.
Solution: reconfigure your proxy so that it only accepts
connections against non-dangerous ports (> 1024).
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
