Short Name |
HTTP:BADBLUE:PROXY-RELAY |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
BadBlue Proxy Relay |
Release Date |
2004/08/18 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to relay a Web request through a BadBlue Web server. When BadBlue is using its default configuration, attackers can use the Web server as a proxy server to attack internal targets or mask attack activity.
A vulnerability exists in the way that BadBlue web server does not use authorization when specially crafted proxy requests are received by it. Attackers could exploit this vulnerability to bypass firewalls and compromise other servers using BadBlue as a proxy.