Summary
This host is running WinGate HTTP Proxy Server and is prone to access controls bypass vulnerability.
Impact
Successful exploitation will let the attacker obtain sensitive information i.e. Intranet webpage details.
Impact Level: Application/Network
Solution
Upgrade to latest version,
For updates refer to http://www.wingate.com
Insight
This issue occurs when the proxy makes a forwarding decision based on the 'Host' HTTP header instead of the destination IP address while the proxy server works in transparent interception mode.
Affected
WinGate version 6.0 to 6.5.2 Build 1217.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-0802 -
CVSS Base Score: 5.4
AV:N/AC:H/Au:N/C:C/I:N/A:N
Related Vulnerabilities
- 123 Flash Chat Multiple Security Vulnerabilities
- Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities