Kerio Information for VU#150227
HTTP proxy default configurations allow arbitrary TCP connections
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 15 Oct 2002
WinRoute Pro customers are in 99% of cases using NAT for Internet access, therefore making it impossible to connect to the proxy server through external interfaces and thus exploit CONNECT method. Cusomers that are not using NAT but are using (or have enabled) the proxy component, should create appropriate packet filtering rules. The reasonable rule would be to filter incoming external TCP traffic on port 3128, where by default the proxy server listens.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.