HTTP Proxy port tcp/8080 detection 1.3
 
Plugin ID196
Plugin nameHTTP Proxy port tcp/8080 detection
Plugin filenameHTTP Proxy port tcp-8080 detection.plugin
Plugin filesize3111 bytes
Plugin familyFirewalls
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/09/09
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.3
Plugin changelogAdded a NetRecon rating and CVE number in version 1.2. Corrected the plugin structure and added the accuracy values in 1.3
Plugin protocoltcp
Plugin port8080
Plugin procedure detectionopen|send GET / HTTP/1.0\nProxy-Connection: Keep-Alive\n\n|sleep|close|pattern_exists *HTTP/1.[0-1] 200 * OR *HTTP/1.[0-1] 50[2-3] *
Plugin detection accuracy80
Plugin commentCheck is inspired by the Nessus plugin. See also ATK plugin 34 for a Squid specific version of this plugin.
Bug affectedMisconfigured or unsecure HTTP proxy servers
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThe remote host is running an HTTP web proxy that is misconfigured because he accepts requests coming from anywhere. This allows attackers to gain some anonymity when browsing some sensitive sites using your proxy, making the remote sites think that the requests come from your network. An attacker may also use this one to do further analysis or attacking of the proxy host.
Bug solutionYou should install or upgrade the proxy to the latest version to prevent the exploitation of known vulnerabilities. Also limit unwanted connections and communications with ACL and firewalling.
Bug fixing timeApprox. 40 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityMedium
Bug popularity9
Bug simplicity7
Bug impact6
Bug risk7
Bug Nessus riskLow / Medium
Bug Symantec NetRecon rating42
Bug check toolsNessus is able to do the same check.
Source CVECVE-1999-0633
Source Nessus ID10195
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.