Synopsis
Network access policies may be circumvented.
Description
A private network can be reached through the SOCKS proxy.
The reachable IP address of this SOCKS proxy is public, and its 'external' address is private. Using the SOCKS proxy, an attacker may connect to internal machines that run on RFC1918 addresses, which are expected to be unreachable from the public Internet.
Solution
Reconfigure the proxy so that it rejects connections on its public interface or, at least, enforces authentication.
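An added example, not part of the plugin or the original page: a Python audit over a constructed proxy inventory that flags the condition described above (a listener reachable outside RFC1918 whose external address is inside it) and reads the SOCKS5 method-selection reply (RFC 1928) to tell whether authentication is enforced. The record fields listen, external and method_reply, and the use of SOCKS5 rather than SOCKS4, are assumptions.

```python
import ipaddress

NO_AUTH = 0x00  # SOCKS5 "no authentication required" method (RFC 1928)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def selected_method(reply):
    """Parse the 2-byte SOCKS5 method-selection reply: VER, METHOD."""
    if len(reply) != 2 or reply[0] != 0x05:
        raise ValueError("not a SOCKS5 method-selection reply")
    return reply[1]


def audit(proxy):
    """Classify one inventory record (hypothetical schema, see SAMPLE)."""
    listen = ipaddress.ip_address(proxy["listen"])
    # 0.0.0.0 binds every interface, so it counts as exposed.
    exposed = not (listen.is_loopback or is_rfc1918(proxy["listen"]))
    if not (exposed and is_rfc1918(proxy["external"])):
        return "not-bridging"
    if selected_method(proxy["method_reply"]) == NO_AUTH:
        return "bridging-unauthenticated"
    return "bridging-authenticated"


# Constructed inventory; addresses use documentation and RFC1918 ranges.
SAMPLE = [
    {"name": "edge-1", "listen": "203.0.113.10", "external": "10.0.5.1",
     "method_reply": b"\x05\x00"},
    {"name": "edge-2", "listen": "203.0.113.11", "external": "10.0.5.2",
     "method_reply": b"\x05\x02"},
    {"name": "lab-1", "listen": "192.168.1.5", "external": "192.168.1.5",
     "method_reply": b"\x05\x00"},
]

if __name__ == "__main__":
    for p in SAMPLE:
        print(p["name"], audit(p))
```

A "bridging-authenticated" result meets only the minimum in the Solution; binding the listener to a non-public interface yields "not-bridging".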
Plugin Details
File Name: socks_priv_access.nasl
Supported Sensors: Nessus