Plugin ID | 196 |
Plugin name | HTTP Proxy port tcp/8080 detection |
Plugin filename | HTTP Proxy port tcp-8080 detection.plugin |
Plugin filesize | 3111 bytes |
Plugin family | Firewalls |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2004/09/09 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/13 |
Plugin version | 1.3 |
Plugin changelog | Added a NetRecon rating and CVE number in version 1.2. Corrected the plugin structure and added the accuracy values in 1.3 |
Plugin protocol | tcp |
Plugin port | 8080 |
Plugin procedure detection | open|send GET / HTTP/1.0\nProxy-Connection: Keep-Alive\n\n|sleep|close|pattern_exists *HTTP/1.[0-1] 200 * OR *HTTP/1.[0-1] 50[2-3] * |
Plugin detection accuracy | 80 |
Plugin comment | Check is inspired by the Nessus plugin. See also ATK plugin 34 for a Squid specific version of this plugin. |
Bug affected | Misconfigured or unsecure HTTP proxy servers |
Bug not affected | Other solutions |
Bug vulnerability class | Configuration |
Bug description | The remote host is running an HTTP web proxy that is misconfigured because he accepts requests coming from anywhere. This allows attackers to gain some anonymity when browsing some sensitive sites using your proxy, making the remote sites think that the requests come from your network. An attacker may also use this one to do further analysis or attacking of the proxy host. |
Bug solution | You should install or upgrade the proxy to the latest version to prevent the exploitation of known vulnerabilities. Also limit unwanted connections and communications with ACL and firewalling. |
Bug fixing time | Approx. 40 minutes |
Bug exploit availability | Yes |
Bug remote | Yes |
Bug local | Yes |
Bug severity | Medium |
Bug popularity | 9 |
Bug simplicity | 7 |
Bug impact | 6 |
Bug risk | 7 |
Bug Nessus risk | Low / Medium |
Bug Symantec NetRecon rating | 42 |
Bug check tools | Nessus is able to do the same check. |
Source CVE | CVE-1999-0633 |
Source Nessus ID | 10195 |
Source Literature | Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 |
Source Misc. | http://www.computec.ch |