HTTP Proxy connect method detection 1.1
 
Plugin ID197
Plugin nameHTTP Proxy connect method detection
Plugin filenameHTTP Proxy connect method detection.plugin
Plugin filesize2816 bytes
Plugin familyFirewalls
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/09/09
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.1
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.1
Plugin protocoltcp
Plugin port8080
Plugin procedure detectionopen|send CONNECT www.computec.ch:21 HTTP/1.0\n\n|sleep|close|pattern_exists 200 OR 503
Plugin detection accuracy90
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug affectedMisconfigured or unsecure HTTP proxy servers
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThis problem may allow attackers to go through your firewall, by connecting to sensitive ports like 23 (telnet) using your proxy, or it can allow internal users to bypass the firewall rules and connect to ports they should not be allowed to. In addition to that, your proxy may be used to perform attacks against other networks.
Bug solutionYou should install or upgrade the proxy to the latest version to prevent the exploitation of known vulnerabilities. Also limit unwanted connections and communications with ACL and firewalling.
Bug fixing timeApprox. 40 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity7
Bug simplicity6
Bug impact7
Bug risk7
Bug Nessus riskHigh
Bug check toolsNessus is able to do the same check.
Source Nessus ID10192
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.