Tempest Security Techonologies -- Adivsory #01/2001 -- Linux IPTables

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This advisory is also available at: http://www.tempest.com.br/advisories/01-2001.html Cristiano Lincoln Mattos, CISSP, SSCP CESAR - Centro de Estudos e Sistemas Avanзados do Recife ===== Tempest Security Technologies - Advisory 01 / 2001 =============...

HTTP Proxy Arbitrary Site/Port Relaying

The remote proxy, allows everyone to perform requests against arbitrary ports, such as : 'GET http://cvs.nessus.org:110'. This problem may allow attackers to go through your firewall, by connecting to sensitive ports like 25 sendmail using the proxy. In addition to that, it might be used to perfo...