HTTP Proxy POST Request Relaying

The proxy allows the users to perform POST requests such as POST http://cvs.nessus.org:21 without any Content-length tag. This request may give an attacker the ability to have an interactive session. This problem may allow attackers to go through your firewall, by connecting to sensitive ports li...

HTTP Proxy Arbitrary Site/Port Relaying

The remote proxy, allows everyone to perform requests against arbitrary ports, such as : 'GET http://cvs.nessus.org:110'. This problem may allow attackers to go through your firewall, by connecting to sensitive ports like 25 sendmail using the proxy. In addition to that, it might be used to perfo...

HTTP Proxy Open Relay Detection

The remote web proxy accepts unauthenticated HTTP requests from the Nessus scanner. By routing requests through the affected proxy, a user may be able to gain some degree of anonymity while browsing websites, which will see requests as originating from the remote host itself rather than the user'...

DUO-PSA-2017-002: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2017-002 Publication Date: 2017-05-31 Revision Date: 2017-05-31 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has identified an issue in duounix, which, under certain uncommon configurations, could enable attackers to bypass...