Debian GNU/Linux Information for VU#435052

Intercepting proxy servers may incorrectly rely on HTTP headers to make connections

Status

Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Administrators of Debian systems should use ACLs or iptables rules to prevent proxies from connecting to internal resources. Administrators who use Squid should refer to http://www.visolve.com/squid/squid24s1/access_controls.php for more information.

If you have feedback, comments, or additional information about this vulnerability, please send us email.