Misconfigured SOCKS filtering

medium Nessus Plugin ID 48406

Synopsis

Network access policies may be circumvented.

Description

A private network can be reached through the SOCKS proxy.

The reachable IP address of this SOCKS proxy is public, and its 'external' address is private. Using the SOCKS proxy, an attacker may connect to internal machines that run on RFC1918 addresses, which are expected to be unreachable from the public Internet.

Solution

Reconfigure the proxy so that it rejects connections on its public interface or at least, enforces authentication.

Plugin Details

Severity: Medium

ID: 48406

File Name: socks_priv_access.nasl

Version: Revision: 1.4

Type: remote

Family: Firewalls

Published: 8/23/2010

Updated: 12/9/2016

Supported Sensors: Nessus