Cisco Systems, Inc. Information for VU#435052
Intercepting proxy servers may incorrectly rely on HTTP headers to make connections
- Vendor Information Help Date Notified: 09 Dec 2008
- Statement Date:
- Date Updated: 12 Mar 2009
The Cisco PSIRT has been investigating and has not found any vulnerable products. If we determine that any of our products are vulnerable, information will be available at: http://www.cisco.com/go/psirt/. Please direct any questions to firstname.lastname@example.org.
The vendor has not provided us with any further information regarding this vulnerability.
Access control lists can be configured to mitigate this vulnerability. The below ACLs limit access allow a proxy server to only connect make outbound connections to TCP port 80.
access-list 111 permit tcp [ip address of proxy] any eq 80
access-list 112 permit tcp any any gt 1023 established
If you have feedback, comments, or additional information about this vulnerability, please send us email.