SmoothWall Information for VU#435052
Intercepting proxy servers may incorrectly rely on HTTP headers to make connections
- Date Notified: 09 Dec 2008
- Statement Date:
- Date Updated: 20 Feb 2009
SmoothWall products that include SmoothGuardian (SchoolGuardian, NetworkGuardian, and our Firewall product that have SmoothGuardian installed upon them) are vulnerable but the workaround is to configure Guardian to block their internal web servers without passwords using hostname and IP address. The vulnerability only is real if users allow Java or ActiveX, are using transparent proxying, and have internal web servers not password protected.
We are also working on a hostname validation system which will actually increase the security beyond a normal system by checking the destination hostname against the destination IP which will protect against certain cache or host file poisoning.
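The kind of check the statement describes, comparing the hostname in the request with the IP address the client actually connected to, can be sketched as follows. This is an added example, not SmoothWall's code: the function names, the constructed DNS table and the injected `resolve` callable are assumptions, and a real transparent proxy would obtain `original_dst_ip` from the intercepted socket.

```python
import ipaddress
import socket

# Constructed DNS data for the demo (documentation address ranges, made-up names).
CONSTRUCTED_DNS = {
    "www.example.org": {"198.51.100.7", "198.51.100.8"},
    "intranet.example": {"10.0.0.5"},
}

def demo_resolve(host):
    """Offline stand-in for DNS; raises OSError like a failed lookup would."""
    if host not in CONSTRUCTED_DNS:
        raise OSError("name not found")
    return CONSTRUCTED_DNS[host]

def system_resolve(host):
    """Real resolver a deployment would pass in instead of demo_resolve."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def parse_host_header(value):
    """Return the host part of a Host header: no port, lower-case, no trailing dot."""
    value = value.strip()
    if value.startswith("["):                  # IPv6 literal, e.g. [2001:db8::1]:8080
        end = value.find("]")
        if end == -1:
            raise ValueError("unterminated IPv6 literal in Host header")
        return value[1:end].lower()
    host, _, port = value.rpartition(":")
    if host and port.isdigit():                # strip a trailing :port
        value = host
    if not value:
        raise ValueError("empty Host header")
    return value.rstrip(".").lower()

def check_destination(host_header, original_dst_ip, resolve=system_resolve):
    """Return (allowed, reason) for one intercepted request."""
    dst = ipaddress.ip_address(original_dst_ip)
    try:
        host = parse_host_header(host_header)
        try:
            candidates = {ipaddress.ip_address(host)}   # Host is already an IP literal
        except ValueError:
            candidates = {ipaddress.ip_address(a) for a in resolve(host)}
    except (ValueError, OSError) as exc:
        return False, f"rejected: {exc}"
    if dst in candidates:
        return True, "Host header maps to the connection's destination IP"
    return False, "rejected: Host header does not map to the connection's destination IP"
```

Sites served from round-robin DNS or a CDN can return a different address set to the proxy than to the client, so a strict mismatch policy needs an exception path or a fallback of connecting to the original destination IP.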
The vendor has not provided us with any further information regarding this vulnerability.
There are no additional comments at this time.