WebWasher Proxy Server < 3.4 Detection

medium Nessus Network Monitor Plugin ID 2570

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

There is a flaw in the remote WebWasher Proxy. The proxy, when issued a CONNECT command for 127.0.0.1 (or localhost/loopback), will comply with the request and initiate a connection to the local machine. This bypasses any sort of firewalling as well as gives access to local applications that are only bound to the loopback.

Solution

upgrade to version 3.4 or higher.

Plugin Details

Severity: Medium

ID: 2570

Family: Web Servers

Published: 1/28/2005

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:webwasher:webwasher_classic

Reference Information

CVE: CVE-2005-0316

BID: 12394