Debian GNU/Linux Information for VU#435052
Intercepting proxy servers may incorrectly rely on HTTP headers to make connections
- Vendor Information Help Date Notified: 09 Dec 2008
- Statement Date:
- Date Updated: 20 Feb 2009
Status
Not Affected
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
Administrators of Debian systems should use ACLs or iptables rules to prevent proxies from connecting to internal resources. Administrators who use Squid should refer to http://www.visolve.com/squid/squid24s1/access_controls.php for more information.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.