"Transparent proxies allow organizations to influence and monitor the traffic from their users without their knowledge or participation. Transparent proxies act as intermediaries between a user and end destination, and aren't generally apparent to users sitting behind them. Enterprises, hotels, and Internet Service Providers often use transparent proxy products to lower bandwidth consumption, speed up page loads for their users, and for monitoring and filtering of web surfing. When certain transparent proxy architectures are in use an attacker can achieve a partial Same Origin Policy bypass resulting in access to any host reachable by the proxy via the use of client plug-in technologies (such as Flash, Applets, etc.) with socket capabilities. This write-up will describe this architecture, how it may be abused by Flash, its existence in various network layouts, and mitigations."
Full paper:
http://www.thesecuritypractice.com/the_security_practice/TransparentProxyAbuse.pdf
Full CERT announcement (look at that product list [\/\/0\/\/!]):
http://www.kb.cert.org/vuls/id/435052
http://www.ietf.org/rfc/rfc2616.txt
http://www.webappsec.org/lists/websecurity/archive/2008-06/msg00073.html
http://www.us-cert.gov/reading_room/securing_browser/
http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14213
http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html
http://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008)#Black_Box_testing_and_example
http://en.wikipedia.org/w/index.php?title=List_of_TCP_and_UDP_port_numbers&oldid=266934839
Robert Auger from the PayPal Information Risk Management team reported this issue and provided complete proof-of-concept technical information.
Nosis| Obnosis | (503)754-4452
PLUG Linux Security Labs 2nd Saturday Each mo...@noon - 3PM
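Added example (my own code, not from Auger's paper or the CERT note): the routing decision at the heart of the abuse the abstract describes. Per the linked VU#435052, a vulnerable intercepting proxy picks the upstream host from what the HTTP request says (the Host header, or the absolute-URI request target that RFC 2616 reserves for proxies) instead of from the TCP destination the client actually connected to. A socket-capable plug-in may legitimately open a raw socket to its own origin, attacker.example:80 (the attacker serves the plug-in's socket policy), and write a request whose Host names an intranet machine; the proxy then connects to the intranet machine on the plug-in's behalf. The hostnames, addresses, the DNS table and the request bytes below are all constructed; the hardened policy (forward to the original destination and refuse when the named host does not resolve to it) is the mitigation the CERT note recommends, modelled here in Python.

```python
from urllib.parse import urlsplit

# Constructed stand-in for the proxy's DNS lookups (hypothetical names/addresses).
DNS = {
    "attacker.example": "203.0.113.10",   # the plug-in's own origin
    "intranet.corp.local": "10.0.0.5",    # reachable by the proxy, not by the client
}

# Constructed requests as a Flash/applet socket might write them.
# The plug-in is connected to 203.0.113.10:80 in every case.
HONEST_REQUEST = (b"GET / HTTP/1.1\r\n"
                  b"Host: attacker.example\r\n\r\n")
FLASH_REQUEST = (b"GET /admin HTTP/1.1\r\n"
                 b"Host: intranet.corp.local\r\n"
                 b"User-Agent: constructed-swf\r\n\r\n")
ABSOLUTE_REQUEST = (b"GET http://intranet.corp.local/admin HTTP/1.1\r\n"
                    b"Host: attacker.example\r\n\r\n")


def parse_request(raw: bytes):
    """Split an HTTP/1.x request head into (method, target, headers).

    Header names are lower-cased; the body, if any, is ignored.
    """
    head, _, _ = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def requested_authority(target: str, headers: dict) -> str:
    """Hostname the request asks for.

    An absolute-URI target (RFC 2616 5.1.2, meant for proxies) wins over Host;
    any port suffix is dropped.
    """
    if "://" in target:
        return (urlsplit(target).hostname or "").lower()
    return headers.get("host", "").split(":")[0].lower()


def vulnerable_route(dst_ip: str, raw: bytes) -> str:
    """Upstream chosen by a proxy that trusts the request (VU#435052 behaviour).

    Falls back to the original destination only when the name does not resolve.
    """
    _, target, headers = parse_request(raw)
    return DNS.get(requested_authority(target, headers), dst_ip)


def hardened_route(dst_ip: str, raw: bytes):
    """Upstream chosen by a proxy that forwards to the original TCP destination.

    Host / absolute-URI are accepted only as virtual-host hints: if the named
    host does not resolve to dst_ip the request is refused (None) rather than
    redirected, which also covers names the proxy cannot resolve at all.
    """
    _, target, headers = parse_request(raw)
    name = requested_authority(target, headers)
    if name and DNS.get(name) != dst_ip:
        return None
    return dst_ip


if __name__ == "__main__":
    for label, req in (("honest", HONEST_REQUEST),
                       ("host header", FLASH_REQUEST),
                       ("absolute URI", ABSOLUTE_REQUEST)):
        print(f"{label:13s} vulnerable -> {vulnerable_route('203.0.113.10', req)!s:13s}"
              f" hardened -> {hardened_route('203.0.113.10', req)}")
```

Run as a script it prints the three routing decisions side by side; the honest request reaches attacker.example under both policies, while the two forged requests reach 10.0.0.5 only under the vulnerable policy and are refused under the hardened one. Against a real deployment the equivalent check is to send a request with a deliberately mismatched Host through the proxy and see whether the answer comes from the named host.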
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us