Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:TUNNEL:SMTP

Severity

 Low

Recommended

 No

Category

 HTTP

Release Date

 2006/10/17

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: SMTP Proxied Through HTTP


This signature detects attempts to connect to an SMTP server through an HTTP CONNECT. Some HTTP servers allow to proxy to other services. Spammers use improperly configured HTTP servers to forward spam e-mails to avoid black lists.

Extended Description

Multiple software and integrated server packages that function as web proxies may be used as open TCP proxies. This is through the usage of the HTTP CONNECT method by default. This method is detailed in RFC 2817, where it is used to build generic Transit Layer Security over HTTP. Upon receiving a CONNECT request, vulnerable products act as a TCP proxy, tunneling the conversation. This can be used to launch attacks against internal machines or to, for example, use an internal mail server as an open relay. In many cases, this behavior may be controlled through the server configuration. Often it is related to support for tunneling or SSL related functionality. The issue may also introduce an additional threat. Trusted, internal hosts may be able to proxy unauthorized connections to arbitrary ports on external hosts, which may violate security policy. This vulnerability represents a preliminary list of vendors which may have vulnerable default configurations. Updates will be made as additional information becomes available.

Affected Products

  • Acme Software thttpd 2.0.0
  • Acme Software thttpd 2.0.1
  • Acme Software thttpd 2.0.2
  • Acme Software thttpd 2.0.3
  • Acme Software thttpd 2.0.4
  • Acme Software thttpd 2.0.5
  • Acme Software thttpd 2.0.6
  • Acme Software thttpd 2.0.7
  • Acme Software thttpd 2.0.8
  • Acme Software thttpd 2.0.9
  • Acme Software thttpd 2.10.0
  • Acme Software thttpd 2.11.0
  • Acme Software thttpd 2.12.0
  • Acme Software thttpd 2.13.0
  • Acme Software thttpd 2.14.0
  • Acme Software thttpd 2.15.0
  • Acme Software thttpd 2.16.0
  • Acme Software thttpd 2.17.0
  • Acme Software thttpd 2.18.0
  • Acme Software thttpd 2.19.0
  • Acme Software thttpd 2.20.0
  • Acme Software thttpd 2.21.0
  • Acme Software thttpd 2.22.0
  • ADTRAN Express 6120 IDSL Remote Access Router
  • AllegroSurf 3.0.0
  • AllegroSurf 3.0.0 .1.0
  • AllegroSurf 3.0.0 .1.2
  • AllegroSurf 3.0.0 .1.3
  • AllegroSurf 4.0.0
  • AllegroSurf 4.0.0 .0.1
  • AllegroSurf 4.1.0 .0.1
  • AllegroSurf 4.1.0 .0.2
  • AllegroSurf 4.2.0 .0.0
  • AllegroSurf 4.2.0 .0.1
  • AllegroSurf 4.2.0 .0.2
  • AllegroSurf 4.3.0
  • AnalogX SimpleServer:WWW 1.0.1
  • AnalogX SimpleServer:WWW 1.0.3
  • AnalogX SimpleServer:WWW 1.0.4
  • AnalogX SimpleServer:WWW 1.0.5
  • AnalogX SimpleServer:WWW 1.0.6
  • AnalogX SimpleServer:WWW 1.0.7
  • AnalogX SimpleServer:WWW 1.0.8
  • AnalogX SimpleServer:WWW 1.13.0
  • AnalogX SimpleServer:WWW 1.15.0
  • AnalogX SimpleServer:WWW 1.16.0
  • AnalogX SimpleServer:WWW 1.8.0
  • Apache Software Foundation Apache 1.0.0
  • Apache Software Foundation Apache 1.0.2
  • Apache Software Foundation Apache 1.0.3
  • Apache Software Foundation Apache 1.0.5
  • Apache Software Foundation Apache 1.1.0
  • Apache Software Foundation Apache 1.1.1
  • Apache Software Foundation Apache 1.2.0
  • Apache Software Foundation Apache 1.2.5
  • Apache Software Foundation Apache 1.3.0
  • Apache Software Foundation Apache 1.3.1
  • Apache Software Foundation Apache 1.3.11
  • Apache Software Foundation Apache 1.3.12
  • Apache Software Foundation Apache 1.3.13
  • Apache Software Foundation Apache 1.3.14
  • Apache Software Foundation Apache 1.3.14 Mac
  • Apache Software Foundation Apache 1.3.15
  • Apache Software Foundation Apache 1.3.16
  • Apache Software Foundation Apache 1.3.17
  • Apache Software Foundation Apache 1.3.18
  • Apache Software Foundation Apache 1.3.19
  • Apache Software Foundation Apache 1.3.20
  • Apache Software Foundation Apache 1.3.22
  • Apache Software Foundation Apache 1.3.3
  • Apache Software Foundation Apache 1.3.4
  • Apache Software Foundation Apache 1.3.6
  • Apache Software Foundation Apache 1.3.7 -Dev
  • Apache Software Foundation Apache 1.3.9
  • Apache Software Foundation Apache 2.0.28 Beta
  • Apache Software Foundation Tomcat 3.0.0
  • Apache Software Foundation Tomcat 3.1.0
  • Apache Software Foundation Tomcat 3.2.0
  • Apache Software Foundation Tomcat 3.2.1
  • Apache Software Foundation Tomcat 3.3.0
  • Apache Software Foundation Tomcat 4.0.0
  • Apache Software Foundation Tomcat 4.0.1
  • Apache Software Foundation Tomcat 4.0.2
  • ArGo Software Design Mail Server 1.7.0 .0.0
  • ArGo Software Design Mail Server 1.7.0 .0.1
  • ArGo Software Design Mail Server 1.7.0 .0.2
  • ArGo Software Design Mail Server 1.7.0 .0.3
  • ArGo Software Design Mail Server 1.7.0 .0.4
  • ArGo Software Design Mail Server 1.8.0 .0.0
  • ArGo Software Design Mail Server 1.8.0 .0.1
  • ArGo Software Design Mail Server 1.8.0 .0.3
  • AscenVision AscenCache Model 1010
  • AscenVision AscenCache Model 3020
  • AscenVision AscenCache Model 5030
  • AscenVision AscenCache Model 7060
  • Astaro Security Linux 3.2.0 00
  • Astaro Security Linux 3.2.0 10
  • Astaro Security Linux 3.2.0 11
  • Astaro Security Linux 3.2.0 12
  • Avirt Gateway 4.2.0
  • Avirt Gateway Suite 3.3.0
  • Avirt Gateway Suite 3.3.0 a
  • Avirt Gateway Suite 3.5.0
  • Avirt Gateway Suite 4.2.0
  • Boramae Boramae Cache Server 3.5.1
  • CacheFlow CacheOS 3.1.0
  • CacheFlow CacheOS 3.1.0 .02
  • CacheFlow CacheOS 3.1.0 .03
  • CacheFlow CacheOS 3.1.0 .04
  • CacheFlow CacheOS 3.1.0 .05
  • CacheFlow CacheOS 3.1.0 .06
  • CacheFlow CacheOS 3.1.0 .07
  • CacheFlow CacheOS 3.1.0 .08
  • CacheFlow CacheOS 3.1.0 .09
  • CacheFlow CacheOS 3.1.0 .10
  • CacheFlow CacheOS 3.1.0 .20
  • CacheFlow CacheOS 3.1.11
  • CacheFlow CacheOS 3.1.12
  • CacheFlow CacheOS 3.1.13
  • CacheFlow CacheOS 3.1.14
  • CacheFlow CacheOS 3.1.15
  • CacheFlow CacheOS 3.1.16
  • CacheFlow CacheOS 3.1.17
  • CacheFlow CacheOS 3.1.18
  • CacheFlow CacheOS 3.1.19
  • CacheFlow CacheOS 3.1.21
  • CacheFlow CacheOS 4.0.0
  • CacheFlow CacheOS 4.0.11
  • CacheFlow CacheOS 4.0.12
  • CacheFlow CacheOS 4.0.13
  • CacheFlow CacheOS 4.0.14
  • CacheFlow CacheOS
  • Check Point Software Firewall-1 4.0.0
  • Check Point Software Firewall-1 4.0.0 SP1
  • Check Point Software Firewall-1 4.0.0 SP2
  • Check Point Software Firewall-1 4.0.0 SP3
  • Check Point Software Firewall-1 4.0.0 SP4
  • Check Point Software Firewall-1 4.0.0 SP5
  • Check Point Software Firewall-1 4.0.0 SP6
  • Check Point Software Firewall-1 4.0.0 SP7
  • Check Point Software Firewall-1 4.0.0 SP8
  • Check Point Software Firewall-1 4.1.0
  • Check Point Software Firewall-1 4.1.0 SP1
  • Check Point Software Firewall-1 4.1.0 SP2
  • Check Point Software Firewall-1 4.1.0 SP3
  • Check Point Software Firewall-1 4.1.0 SP4
  • Check Point Software Firewall-1 4.1.0 SP5
  • CompuSource (Pty) Ltd Power Web Server++ 4.1.0
  • CSM Proxy 4.1.0
  • CSM Proxy 4.2.0
  • CSM Proxy 5.0.0
  • Deerfield.com WebSite 3.1.11 .0
  • Deerfield.com WinGate 4.5.0
  • DeleGate 7.7.0 .0
  • DeleGate 7.7.1
  • DeleGate 7.8.0 .0
  • DeleGate 7.8.1
  • DeleGate 7.8.2
  • Etype Eserv 2.50.0
  • Etype Eserv 2.9.2
  • Etype Eserv 2.92.0
  • Etype Eserv 2.93.0
  • Etype Eserv 2.94.0
  • Etype Eserv 2.95.0
  • Etype Eserv 2.95.0 BETA2
  • Etype Eserv 2.96.0
  • Etype Eserv 2.97.0
  • Etype Eserv 2.98.0
  • FileMaker FileMaker Pro 5.0.0
  • FileMaker FileMaker Pro 5.5.0
  • Finjan SurfinGate 4.0.0
  • Finjan SurfinGate 6.0.0 1
  • Grok Developments NetProxy 4.0.0
  • Grok Developments NetProxy 4.1.0
  • httptunnel client win32
  • IBM HTTP Server 1.3.12 .2
  • IBM HTTP Server 1.3.12 .3
  • IBM HTTP Server 1.3.12 .4
  • IBM HTTP Server 1.3.19
  • IBM HTTP Server 1.3.3 Win32
  • IBM HTTP Server 1.3.6 .2 Unix
  • IBM HTTP Server 1.3.6 .2 Win32
  • IBM HTTP Server 1.3.6 .3
  • IBM HTTP Server 1.3.6 .4 Win32
  • IBM HTTP Server 1.3.6 Win32
  • Imatix Xitami 2.4.0
  • Imatix Xitami 2.4.0 a1
  • Imatix Xitami 2.4.0 b
  • Imatix Xitami 2.4.0 b1
  • Imatix Xitami 2.4.0 d9
  • Imatix Xitami 2.5.0
  • Imatix Xitami 2.5.0 b5
  • Imatix Xitami for Windows 2.4.0 d2
  • Imatix Xitami for Windows 2.4.0 d7
  • Imatix Xitami for Windows 2.4.0 d9
  • Imatix Xitami for Windows 2.5.0 b4
  • Imatix Xitami for Windows 2.5.0 b5
  • Inmon Traffic Server 2.0.0 .15
  • Inmon Traffic Server 2.0.0 .16
  • Inmon Traffic Server 2.0.0 .21
  • Inmon Traffic Server 2.1.6
  • InterGate Proxy/Cache Server 2.9.0
  • Internet Factory Proxy Builder
  • Ipswitch IMail 5.0.0
  • Ipswitch IMail 5.0.5
  • Ipswitch IMail 5.0.6
  • Ipswitch IMail 5.0.7
  • Ipswitch IMail 5.0.8
  • Ipswitch IMail 6.0.0
  • Ipswitch IMail 6.0.1
  • Ipswitch IMail 6.0.2
  • Ipswitch IMail 6.0.3
  • Ipswitch IMail 6.0.4
  • Ipswitch IMail 6.0.5
  • Ipswitch IMail 6.0.6
  • Ipswitch IMail 6.1.0
  • Ipswitch IMail 6.2.0
  • Ipswitch IMail 6.3.0
  • Ipswitch IMail 6.4.0
  • Ipswitch IMail 7.0.1
  • Ipswitch IMail 7.0.2
  • Ipswitch IMail 7.0.3
  • Ipswitch IMail 7.0.4
  • Ipswitch WS FTP Server 1.0.1
  • Ipswitch WS FTP Server 1.0.2
  • Ipswitch WS FTP Server 1.0.3
  • Ipswitch WS FTP Server 1.0.4
  • Ipswitch WS FTP Server 1.0.5
  • Ipswitch WS FTP Server 2.0.0
  • Ipswitch WS FTP Server 2.0.1
  • Ipswitch WS FTP Server 2.0.2
  • Ipswitch WS FTP Server 2.0.3
  • Ipswitch WS FTP Server 2.0.4
  • Ipswitch WS_FTP Server 1.0.1 EVAL
  • Ipswitch WS_FTP Server 1.0.2 EVAL
  • Jana Server 2.0.0
  • Korea Network Intelligence CatchWeb 2000-e
  • Korea Network Intelligence CatchWeb 2000-e plus
  • LiteServe 1.3.0
  • LiteServe 1.31.0
  • LiteServe 1.36.0
  • LiteServe 1.4.0
  • Lotus Domino 4.6.1
  • Lotus Domino 4.6.3
  • Lotus Domino 4.6.4
  • Lotus Domino 5.0.0
  • Lotus Domino 5.0.1
  • Lotus Domino 5.0.2
  • Lotus Domino 5.0.3
  • Lotus Domino 5.0.4
  • Lotus Domino 5.0.5
  • Lotus Domino 5.0.5 -french
  • Lotus Domino 5.0.6
  • Lotus Domino 5.0.7
  • Lotus Domino 5.0.7 a
  • Lotus Domino 5.0.8
  • Lotus Domino 5.0.8 -french
  • Lotus Domino 5.0.9
  • Lotus Domino 5.0.9 a
  • Lotus Domino Enterprise Server 5.0.1
  • Lotus Domino Enterprise Server 5.0.2
  • Lotus Domino Enterprise Server 5.0.2 b
  • Lotus Domino Enterprise Server 5.0.3
  • Lotus Domino Enterprise Server 5.0.4
  • Lotus Domino Server 4.6.0
  • Lotus Domino Server 4.6.0 .x
  • Lotus Domino Server 4.6.6
  • Lotus Domino Server 5.0.0
  • Medusa 20010416
  • Microsoft IIS 1.0
  • Microsoft IIS 2.0
  • Microsoft IIS 3.0
  • Microsoft IIS 4.0
  • Microsoft IIS 4.0 Alpha
  • Microsoft IIS 5.0
  • Microsoft IIS 5.1
  • MyWebServer 1.0.1
  • National Science Foundation Squid Web Proxy 2.0.0
  • National Science Foundation Squid Web Proxy 2.1.0
  • National Science Foundation Squid Web Proxy 2.2.0
  • NCSA httpd 1.0.0
  • NCSA httpd 1.1.0
  • NCSA httpd 1.2.0
  • NCSA httpd 1.3.0
  • NCSA httpd 1.4.0
  • NCSA httpd 1.4.1
  • NCSA httpd 1.4.2
  • NCSA httpd 1.5.0 a-export
  • NCSA httpd 1.5.1
  • NCSA httpd 1.5.2
  • NCSA httpd 1.5.2 a
  • NEC Express5800/SURFNAVI
  • NetApp NetCacheC1100 Series
  • NetApp NetCacheC3100 Series
  • NetApp NetCacheC6100 Series
  • NetApp NetCacheC700 Series
  • NetcPlus BrowseGate 2.80.0
  • NetcPlus BrowseGate 2.80.2
  • Netscape Enterprise Server 2.0.0
  • Netscape Enterprise Server 2.0.0 a
  • Netscape Enterprise Server 2.0.1 C
  • Netscape Enterprise Server 3.0.0
  • Netscape Enterprise Server 3.0.0 L
  • Netscape Enterprise Server 3.0.1 B
  • Netscape Enterprise Server 3.1.0
  • Netscape Enterprise Server 3.2.0
  • Netscape Enterprise Server 3.3.0
  • Netscape Enterprise Server 3.4.0
  • Netscape Enterprise Server 3.5.0
  • Netscape Enterprise Server 3.51.0
  • Netscape Enterprise Server 3.6.0
  • Netscape Enterprise Server 3.6.0 SP1
  • Netscape Enterprise Server 3.6.0 SP2
  • Netscape Enterprise Server 3.6.0 SP3
  • Netscape Enterprise Server 4.0.0
  • Netscape Enterprise Server 4.1.0 SP5
  • Netscape Enterprise Server 4.1.0 SP8
  • Netscape Enterprise Server for NetWare 4/5 3.0.7 a
  • Netscape Enterprise Server for NetWare 4/5 4.1.1
  • Netscape Enterprise Server for NetWare 4/5 5.0.0
  • Netscape Enterprise Server for Solaris 3.5.0
  • Netscape Enterprise Server for Solaris 3.6.0
  • Netscape FastTrack Server 2.0.1
  • Netscape FastTrack Server 2.0.1 a
  • Netscape FastTrack Server 2.0.1 C
  • Netscape FastTrack Server 3.0.1
  • Netscape FastTrack Server 3.0.1 B
  • Netscape FastTrack Server 4.0.1
  • Network Associates Gauntlet Firewall 5.0.0
  • Network Associates Gauntlet Firewall 5.5.0
  • Network Associates WebShield e250
  • Network Associates WebShield e500
  • Network Associates WebShield for Solaris 4.0.0
  • Network Associates WebShield for Solaris 4.1.0
  • Novell BorderManager 3.0.0
  • Novell BorderManager 3.1.0
  • Novell BorderManager 3.2.0
  • Novell BorderManager 3.3.0
  • Novell BorderManager 3.4.0
  • Novell BorderManager 3.5.0
  • Novell BorderManager 3.6.0
  • Novell BorderManager Enterprise Edition 3.5.0
  • Omnicron OmniHTTPD 1.1.0
  • Omnicron OmniHTTPD 2.0.0 Alpha 1
  • Omnicron OmniHTTPD 2.0.0 Alpha 2
  • Omnicron OmniHTTPD 2.0.4
  • Omnicron OmniHTTPD 2.0.5
  • Omnicron OmniHTTPD 2.0.6
  • Omnicron OmniHTTPD 2.0.7
  • Omnicron OmniHTTPD 2.0.8
  • Omnicron OmniHTTPD 2.4.0 Pro
  • Pi-Soft SpoonProxy 1.60.0
  • Pi-Soft SpoonProxy 1.61.0
  • Pi-Soft SpoonProxy 2.0.0
  • Pi-Soft SpoonProxy 2.1.0
  • Pi-Soft SpoonProxy 2.1.1
  • Pi-Soft SpoonProxy 2.2.0
  • Pi-Soft SpoonProxy 2.3.0
  • Pi-Soft SpoonProxy 2.4.50
  • Pi-Soft SpoonProxy 2.5.0
  • Pi-Soft SpoonProxy 2.6.0
  • Pi-Soft SpoonProxy 2.6.0 .13
  • Pi-Soft SpoonProxy 2.6.0 .14
  • Pi-Soft SpoonProxy 2.6.0 .5
  • Pi-Soft SpoonProxy 2.6.0 .6
  • proNETIX Ltd. TopProxy
  • Sambar Server 4.1.0 beta
  • Sambar Server 4.1.0 production
  • Sambar Server 4.2.0 beta 7
  • Sambar Server 4.2.0 beta 8
  • Sambar Server 4.2.1 production
  • Sambar Server 4.3.0
  • Sambar Server 4.3.0 beta 9
  • Sambar Server 4.3.0 production
  • Sambar Server 4.4.0 Beta 3
  • Sambar Server 4.4.0 production
  • Sambar Server 5.0.0 beta1
  • Sambar Server 5.0.0 beta2
  • Sambar Server 5.0.0 beta3
  • Sambar Server 5.0.0 beta4
  • Sambar Server 5.0.0 beta5
  • Sambar Server 5.0.0 beta6
  • Sambar Server 5.1.0
  • SonicWALL GX 2500
  • SonicWALL GX 6500
  • SonicWALL PRO100
  • SonicWALL PRO200
  • SonicWALL PRO300
  • SonicWALL SOHO 4.0.0 .0
  • SonicWALL SOHO 5.0.0 .0
  • SonicWALL SOHO 5.1.5 .0
  • SonicWALL TELE3
  • Symantec I-Gear MS Proxy 3.5.0
  • tinyproxy 1.3.2
  • tinyproxy 1.3.3
  • tinyproxy 1.4.3
  • Trend Micro Interscan Viruswall (Linux) 3.6.0
  • Trend Micro InterScan WebManager 1.2.0
  • Unitech Networks Netplicator
  • W3C httpd 3.0.0

References

  • BugTraq: 4131
  • URL: https://www.kb.cert.org/vuls/id/150227
  • URL: http://www.kb.cert.org/vuls/id/868219

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out