Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Firewalls --> Category: infos

Proxy accepts POST requests Vulnerability Scan


Vulnerability Scan Summary
Acertains if we can use the remote web proxy against any port

Detailed Explanation for this Vulnerability Test
The proxy allows the users to perform
POST requests like
POST http://cvs.nessus.org:21

Without any Content-length tag.
This request may give a possible hacker the ability
to have an interactive session.

This problem may allow attackers to go through your
firewall, by connecting to sensitive ports like 23 (telnet)
using your proxy, or it can allow internal users to bypass the firewall
rules and connect to ports they should not be allowed to.

In addition to that, your proxy may be used to perform attacks against
other networks.

Solution: reconfigure your proxy so that only the users of the internal
network can use it, and so that it can not connect to dangerous
ports (1-1024).

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.