NTMail 5.x Contains an Open Proxy
If NTMail is configured to turn off the proxy then the proxy will stop listening on the default port, however a user could point to the default Web port (8000) and gain open access to the Internet. NTMail does no prohibit use of the proxy on the Web-based configuration port.
The software has no restrictions on which users can use the proxy so any user with knowledge of the server could bypass any inhouse proxy restrictions, such as monitoring software, content filters, and more.
VENDOR RESPONSE
NTMailUSA is aware of the problem, however no fix has been released at the time of this writing. If you must restrict user access to Web sites via proxy then disable the Web configuration service in NTMail until the vendor resolves the issue.
CREDITS
|
NTMail 5.x Contains an Open Proxy
0 comments
Hide comments