Proxy+ Allows Administrative Access

 
Proxy+ Allows Administrative Access
Reported June 26 by
Andrew Lewis

VERSIONS EFFECTED
  • P
roxy+ 2.40

DESCRIPTION

Proxy+ configure its remote administration interface to only accept connections from "localhost". The administrative interface does not allow  connections which come through the server"s HTTP proxy, however the it does allow connections that come through the server"s Telnet proxy.

VENDOR RESPONSE

The vendor, Fortech, is aware of this matter and however no response was known at the time of this writing.

CREDITS
Discovered and reported by Andrew Lewis

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish