Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Misc. --> Category: infos

WebWasher Classic HTTP CONNECT Unauthorized Access Weakness Vulnerability Scan

Vulnerability Scan Summary
Searches for the existence of WebWasher Proxy

Detailed Explanation for this Vulnerability Test

There is a flaw in the remote WebWasher Proxy. The Proxy, when issued
a CONNECT command for (or localhost/loopback), will comply with
the request and initiate a connection to the local machine.

This bypasses any sort of firewalling as well as gives access to local
applications which are only bound to the loopback.

Solution: Upgrade to a version of WebWasher greater than 3.3.
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.