Have you installed mod_proxy on your server? If so, you may be vulnerable. But I do not know how to reconfigure the proxy. You should scan your web logs for CONNECT attempts. If they return HTTP 400, there is no problem you have to care about. But there might be other opinions on that issue. :)
/Uwe

Patrick Marquetecken wrote:

>Hi,
>
>After a security scan of some machines i got this vulnerability warning on
>our apache 2.5x.
>I seem not to find the solution/
>
>
>THREAT:
>The HTTP server or the HTTP proxy server accepts the "CONNECT" method.
>IMPACT:
>By exploiting this vulnerability, unauthorized Internet users may be able
>to connect to your entire internal network using the "CONNECT" method.
>This can also be used by attackers to create tunnels through proxies which
>support this method since such hops are difficult to traceback.
>SOLUTION:
>Reconfigure your server to disable this method or restrict its access.
>
>TIA
>Patrick
>--
>[email protected] mailing list
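The log check suggested in the reply above, as an added example that is not part of the original thread: it scans Apache access-log lines for CONNECT requests and separates refused ones (such as HTTP 400) from any the server answered with a 2xx status. The log lines, addresses and host names are constructed sample data, and the function name `scan_connect` is hypothetical.

```python
import re
from collections import Counter

# Apache common/combined log format: host ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)

def scan_connect(lines):
    """Return (findings, status_counts) for CONNECT requests in access-log lines."""
    findings, counts = [], Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line this pattern understands
        parts = m.group("request").split()
        if not parts or parts[0].upper() != "CONNECT":
            continue
        status = int(m.group("status"))
        counts[status] += 1
        # A 2xx reply means the server opened the tunnel; 4xx/5xx means it refused.
        verdict = "ACCEPTED" if 200 <= status < 300 else "refused"
        target = parts[1] if len(parts) > 1 else "-"
        findings.append((verdict, m.group("host"), target, status))
    return findings, counts

# Constructed sample lines (documentation address ranges), not from a real server.
SAMPLE = [
    '192.0.2.10 - - [12/Mar/2005:10:01:22 +0100] "GET /index.html HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Mar/2005:10:02:03 +0100] "CONNECT mail.example.net:25 HTTP/1.0" 400 312',
    '198.51.100.7 - - [12/Mar/2005:10:02:09 +0100] "CONNECT mail.example.net:25 HTTP/1.0" 405 298',
    '203.0.113.5 - - [12/Mar/2005:10:05:41 +0100] "CONNECT intranet.example.org:443 HTTP/1.1" 200 -',
]

if __name__ == "__main__":
    findings, counts = scan_connect(SAMPLE)
    for verdict, host, target, status in findings:
        print(f"{verdict:8} {host:15} -> {target} (HTTP {status})")
    print("CONNECT status counts:", dict(counts))
```

Any line reported as ACCEPTED is the case the scanner warning is about and warrants a look at the proxy configuration; lines reported as refused match the "HTTP 400" situation described in the reply.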

