AnalogX Information for VU#150227

HTTP proxy default configurations allow arbitrary TCP connections

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

AnalogX Proxy 4.14 (May 2003) blocks connections to port 25/tcp by default and provides access control for destination ports used by the HTTP CONNECT method. A warning is displayed if the proxy is configured to listen on all IP addresses, and the proxy can be bound to one address.

If you have feedback, comments, or additional information about this vulnerability, please send us email.