http proxy port tcp-8080 detection.plugin

全面网络扫描器VB源代码 很实用

<plugin_id>196</plugin_id>
<plugin_name>HTTP Proxy port tcp/8080 detection</plugin_name>
<plugin_family>Firewalls</plugin_family>
<plugin_created_date>2004/09/09</plugin_created_date>
<plugin_created_name>Marc Ruef</plugin_created_name>
<plugin_created_email>marc dot ruef at computec dot ch</plugin_created_email>
<plugin_created_web>http://www.computec.ch</plugin_created_web>
<plugin_created_company>computec.ch</plugin_created_company>
<plugin_updated_name>Marc Ruef</plugin_updated_name>
<plugin_updated_email>marc dot ruef at computec dot ch</plugin_updated_email>
<plugin_updated_web>http://www.computec.ch</plugin_updated_web>
<plugin_updated_company>computec.ch</plugin_updated_company>
<plugin_updated_date>2004/11/13</plugin_updated_date>
<plugin_version>1.3</plugin_version>
<plugin_changelog>Added a NetRecon rating and CVE number in version 1.2. Corrected the plugin structure and added the accuracy values in 1.3</plugin_changelog>
<plugin_protocol>tcp</plugin_protocol>
<plugin_port>8080</plugin_port>
<plugin_procedure_detection>open|send GET / HTTP/1.0\nProxy-Connection: Keep-Alive\n\n|sleep|close|pattern_exists *HTTP/1.[0-1] 200 * OR *HTTP/1.[0-1] 50[2-3] *</plugin_procedure_detection>
<plugin_detection_accuracy>80</plugin_detection_accuracy>
<plugin_comment>Check is inspired by the Nessus plugin. See also ATK plugin 34 for a Squid specific version of this plugin.</plugin_comment>
<bug_affected>Misconfigured or unsecure HTTP proxy servers</bug_affected>
<bug_not_affected>Other solutions</bug_not_affected>
<bug_vulnerability_class>Configuration</bug_vulnerability_class>
<bug_description>The remote host is running an HTTP web proxy that is misconfigured because he accepts requests coming from anywhere. This allows attackers to gain some anonymity when browsing some sensitive sites using your proxy, making the remote sites think that the requests come from your network. An attacker may also use this one to do further analysis or attacking of the proxy host.</bug_description>
<bug_solution>You should install or upgrade the proxy to the latest version to prevent the exploitation of known vulnerabilities. Also limit unwanted connections and communications with ACL and firewalling.</bug_solution>
<bug_fixing_time>Approx. 40 minutes</bug_fixing_time>
<bug_exploit_availability>Yes</bug_exploit_availability>
<bug_remote>Yes</bug_remote>
<bug_local>Yes</bug_local>
<bug_severity>Medium</bug_severity>
<bug_popularity>9</bug_popularity>
<bug_simplicity>7</bug_simplicity>
<bug_impact>6</bug_impact>
<bug_risk>7</bug_risk>
<bug_nessus_risk>Low / Medium</bug_nessus_risk>
<bug_netrecon_rating>42</bug_netrecon_rating>
<bug_check_tool>Nessus is able to do the same check.</bug_check_tool>
<source_cve>CVE-1999-0633</source_cve>
<source_nessus_id>10195</source_nessus_id>
<source_literature>Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427</source_literature>
<source_misc>http://www.computec.ch</source_misc>