In this column, we look at insecure Web Proxy Servers; buffer overflows in ncurses, Squid, hanterm, and ripMime; and problems in gnujsp, the NetBSD kernel, jmcce, the IRIX Unified Name Service Daemon, and Chuid. Some insecurely-configured Web proxy servers can be . . .
In this column, we look at insecure Web Proxy Servers; buffer overflows in ncurses, Squid, hanterm, and ripMime; and problems in gnujsp, the NetBSD kernel, jmcce, the IRIX Unified Name Service Daemon, and Chuid. Some insecurely-configured Web proxy servers can be exploited by a remote attacker to make arbitrary connections to unauthorized hosts. Two common abuses of a misconfigured proxy server are to use it to bypass firewall restrictions and to send spam email. A server is used to bypass a firewall by connecting to the proxy from outside the firewall and then opening a connection to a host inside the firewall. A server is used to send spam by connecting to the proxy and then having it connect to a SMTP server. It has been reported that many Web proxy servers are distributed with insecure default configurations.