SmoothWall Information for VU#435052

Intercepting proxy servers may incorrectly rely on HTTP headers to make connections

Status

Affected

Vendor Statement

SmoothWall products that include SmoothGuardian (SchoolGuardian, NetworkGuardian, and our Firewall prouct that have SmoothGuardian installed upon them) are vulnerable but the workaround is to configure Guardian to block their internal web servers without passwords using hostname and IPaddress. The vulnerability only is real if users allow java or activex, are using transparent proxying, and have internal web servers not password protected.

    We are also working on a hostname validation system which will actually increase the security beyond a normal system by checking the destination hostname against the destination IP which will protect against certain cache or host file poisoning.

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References

    None

    Addendum

    There are no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.