DeSofto MyProxy Lets Remote Authenticated Users Connect to Arbitrary Ports and Hosts
|
|
SecurityTracker Alert ID: 1012322 |
|
SecurityTracker URL: http://securitytracker.com/id/1012322
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Updated: Dec 3 2004
|
Original Entry Date: Nov 24 2004
|
Impact:
Host/resource access via network
|
Vendor Confirmed: Yes Exploit Included: Yes
|
Version(s): 6.58
|
Description:
Ziv Kamir of Global Security Solution IT reported a vulnerability in DeSofto's MyProxy. A remote authenticated user can connect to other systems via the proxy.
It is reported that a remote authenticated user can connect to the proxy and invoke the CONNECT command to connect to arbitrary ports on arbitrary servers.
The vendor was notified on November 22, 2004.
|
Impact:
A remote authenticate user can connect to arbitrary ports on arbitrary hosts via the proxy.
|
Solution:
No solution was available at the time of this entry.
The vendor reports that only users listed in the "Users" option can invoke the CONNECT feature.
|
Vendor URL: myproxy.com.ua/ (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 24 Nov 2004 01:50:20 -0800 (PST)
Subject: MyProxy
|
--0-644711960-1101289820=:133
Content-Type: text/plain; charset=us-ascii
Content-Id:
Content-Disposition: inline
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--0-644711960-1101289820=:133
Content-Type: text/plain; name="MyProxy.txt"
Content-Description: MyProxy.txt
Content-Disposition: inline; filename="MyProxy.txt"
23/11/04
====================================
GSSIT - Global Security Solution IT
====================================
-------------------------------------------------------
Application: MyProxy
Web Site: myproxy.com.ua
Versions: 6.58
Platform: Windows
Credits:
########
#########################################
# == Ziv Kamir == #
# #
# GSSIT - Global Security Solution IT #
# #
# WEB : www.gssit.co.il #
# #
# #
#########################################
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
================
1) Introduction
================
Myproxy helps dramatically accelerate your internet connection,
save your Internet costs and make your web surfing more enjoyable.
=======
2) Bug
=======
using the:
CONNECT method to connect to a different server.
===========
3) The Code
===========
Ex :
Proxy ip : 5.5.5.5
The Pop3 Server ip : 4.4.4.4
Connect with "telnet 5.5.5.5 8080" to the proxy and
enter: CONNECT 4.4.4.4:110 / HTTP/1.0
The response should be the Pop3 server banner.
> You can connect to any TCP port on any machine the proxy can connect to. <
======
4) Fix
======
Date of Vendor Notification:
----------------------------
22/11/04
Response :
=========
23/11/04
Yes, but only users listed at the "Users" tab-sheet MyProxy's
options can access MyProxy and use this feature.
==============================================================================================
*** The Data is for educational purpose only. ***
The information in this bulletin is provided "AS IS" without
warranty of any kind. In no event shall we be liable for any
damages whatsoever including direct, indirect, incidental,
consequential, loss of business profits or special damages.
==============================================================================================
--0-644711960-1101289820=:133--
|
|
