Security Vulnerability on HTTP Proxy Post Request Relaying and HTTP Proxy Arbitrary Site/Port Relaying

Article ID: 168686

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction


Vulnerability: HTTP Proxy POST Request Relaying
ToDo: Reconfigure your proxy so that only the users of the internal network can use it, and so that it can not connect to dangerous ports (1-1024).
CertRef:
Tool Reference:
http://www.nessus.org/plugins/index.php?view=single&id=10194
Comment:
Counted in:
Monitor:
NessusOutput: Port: 8080/tcp
CVE: NOCVE

Vulnerability: HTTP Proxy POST Request Relaying
ToDo: Reconfigure your proxy so that only the users of the internal network can use it, and so that it can not connect to dangerous ports (1-1024).
CertRef:
Tool Reference:
http://www.nessus.org/plugins/index.php?view=single&id=10194
Comment:
Counted in:
Monitor:
NessusOutput: Port: 80/tcp
CVE: NOCVE

Vulnerability: HTTP Proxy Arbitrary Site/Port Relaying
ToDo: Set up ACLs in place to prevent your proxy from accepting to connect to non-authorized ports.
CertRef:
Tool Reference:
http://www.nessus.org/plugins/index.php?view=single&id=10193
Comment:
Counted in:
Monitor:
NessusOutput: Port: 8080/tcp
CVE: NOCVE

Vulnerability: HTTP Proxy Arbitrary Site/Port Relaying
ToDo: Set up ACLs in place to prevent your proxy from accepting to connect to non-authorized ports.
CertRef:
Tool Reference:
http://www.nessus.org/plugins/index.php?view=single&id=10193
Comment:
Counted in:
Monitor:
NessusOutput: Port: 80/tcp
CVE: NOCVE

Resolution

Add the following CPL code to the Local Policy of the ProxySG appliance. This configures the ProxySG appliance to allow connections to any OCS (origin content server) only on TCP ports 80 and 443.
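<proxy>
; Deny any request whose destination port is not 80
url.port=!80 DENY

<proxy>
; Later layer: allow port 443, overriding the deny above for that port
url.port=443 allow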
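
An added example, not the vendor's code or part of the original article: a simplified Python model of how the two layers above combine, run over constructed request targets. It assumes that a later layer's verdict overrides an earlier one and that a request no rule matches keeps the default verdict; `LAYERS`, `target_port`, `verdict` and the hostnames are names made up for this illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}

# The two layers from the Resolution, as (predicate, verdict) rules.
LAYERS = [
    [(lambda port: port != 80, "deny")],    # url.port=!80 DENY
    [(lambda port: port == 443, "allow")],  # url.port=443 allow
]


def target_port(request_target):
    """Destination port of a proxy request target.

    Accepts an absolute URL (GET/POST sent through the proxy) or the
    host:port form used by CONNECT.
    """
    if "://" in request_target:
        parts = urlsplit(request_target)
        return parts.port or DEFAULT_PORTS[parts.scheme]
    _host, _, port = request_target.rpartition(":")
    return int(port)


def verdict(request_target, default="allow"):
    """Evaluate every layer in order; the last layer that matches wins."""
    port = target_port(request_target)
    result = default  # assumption: unmatched requests keep the default
    for layer in LAYERS:
        for matches, action in layer:
            if matches(port):
                result = action
                break  # first matching rule decides this layer
    return result


# Constructed request targets, not taken from any real log.
SAMPLES = [
    "http://intranet.example/index.html",  # port 80 by scheme default
    "shop.example:443",                    # CONNECT to TLS port
    "http://mail.example:25/",             # POST relayed to SMTP port
    "mail.example:25",                     # CONNECT to SMTP port
    "http://app.example:8080/status",      # non-standard HTTP port
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{verdict(sample):5}  {sample}")
```

In this model no rule explicitly allows port 80: it passes only because the default verdict is allow, so `verdict(..., default="deny")` leaves 443 as the only permitted port.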