Proxy accepts CONNECT requests

Description

The remote proxy server accepts HTTP CONNECT requests.
It allows anyone to issue CONNECT requests to arbitrary ports, for example:

CONNECT www.acunetix.com:25

This may allow attackers to bypass your firewall and connect through the proxy to sensitive ports such as 23 (telnet) or 25 (sendmail). A spammer may be using your proxy to send bulk email.

Remediation

Restrict proxy access to valid users and/or hosts. Deny CONNECT requests.
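
The remediation above can be expressed as an allow/deny decision on each CONNECT request line. The following is an added example, not code from the original page or from any proxy product; the client network 10.0.0.0/8, the allowed port 443, and the function names are assumptions chosen for illustration.

```python
import ipaddress

# Assumed policy for illustration; set these for your own network.
ALLOWED_CLIENTS = [ipaddress.ip_network("10.0.0.0/8")]  # hosts allowed to use the proxy
ALLOWED_CONNECT_PORTS = {443}  # leave empty to deny CONNECT entirely


def parse_connect_target(request_line):
    """Return (host, port) from 'CONNECT host:port HTTP/1.x', or None if malformed."""
    parts = request_line.split()
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        return None
    host, sep, port = parts[1].rpartition(":")
    if not sep or len(port) > 5 or not (port.isascii() and port.isdigit()):
        return None
    if host.startswith("[") and host.endswith("]"):
        host = host[1:-1]  # bracketed IPv6 literal
    elif ":" in host or "[" in host or "]" in host:
        return None  # unbracketed IPv6 or stray bracket
    if not host or not 1 <= int(port) <= 65535:
        return None
    return host.lower(), int(port)


def decide(client_ip, request_line):
    """Return (allowed, reason) for one CONNECT request from client_ip."""
    try:
        client = ipaddress.ip_address(client_ip)
    except ValueError:
        return False, "bad client address"
    if not any(client in net for net in ALLOWED_CLIENTS):
        return False, "client not allowed"
    target = parse_connect_target(request_line)
    if target is None:
        return False, "malformed CONNECT"
    if target[1] not in ALLOWED_CONNECT_PORTS:
        return False, "port %d not allowed" % target[1]
    return True, "ok"


# Constructed sample requests (client address, request line).
SAMPLES = [
    ("10.1.2.3", "CONNECT www.acunetix.com:25 HTTP/1.1"),
    ("10.1.2.3", "CONNECT www.acunetix.com:443 HTTP/1.1"),
    ("203.0.113.9", "CONNECT www.acunetix.com:443 HTTP/1.1"),
]
if __name__ == "__main__":
    for ip, line in SAMPLES:
        print(ip, line, "->", decide(ip, line))
```

Both checks fail closed: a request is tunnelled only when the client is on the allowed list and the destination port is explicitly permitted.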

Tags

  • Configuration
  • Network Alert