WebWasher Information for VU#150227

HTTP proxy default configurations allow arbitrary TCP connections

Status

Affected

Vendor Statement

This problem has been fixed with the newest releases of WebWasher EE.
General Availability (GA) release: WebWasher Proxy 3.4.1 Build 175
First Customer Shipment (FCS) release: WebWasher 4.0.0 Build 177

We fixed the problem end of July [2002] and that all version we released since contain this fix.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.