Have you installed mod_proxy on your server? If so, you may be
vulnerable. But I do not know how to reconfigure the proxy.
You should scan your web logs for CONNECT attempts. If they return
HTTP 400, there is no problem you have to care about. But there might be
other opinions on that issue. :)

/Uwe

Patrick Marquetecken wrote:

>Hi,
>
>After a security scan of some machines I got this vulnerability warning on
>our Apache 2.5x.
>I seem not to find the solution.
>
>
>THREAT:
>The HTTP server or the HTTP proxy server accepts the "CONNECT" method.
>IMPACT:
>By exploiting this vulnerability, unauthorized Internet users may be able
>to connect to your entire internal network using the "CONNECT" method.
>This can also be used by attackers to create tunnels through proxies which
>support this method since such hops are difficult to traceback.
>SOLUTION:
>Reconfigure your server to disable this method or restrict its access.
>
>TIA
>Patrick
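The log check suggested in the reply above, as an added example that is not part of the original thread: it picks CONNECT requests out of an access log and separates those answered with HTTP 400 from every other status, which is left for manual review. It assumes the Apache common/combined log format; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed format: Apache common/combined access log
# host ident user [time] "request" status bytes ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation addresses), not from a real server.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2005:10:01:22 +0100] "GET /index.html HTTP/1.1" 200 5120
198.51.100.7 - - [12/Mar/2005:10:02:03 +0100] "CONNECT mail.example.net:25 HTTP/1.0" 400 226
198.51.100.7 - - [12/Mar/2005:10:02:09 +0100] "CONNECT mail.example.net:25 HTTP/1.0" 200 0
203.0.113.44 - - [12/Mar/2005:10:05:41 +0100] "CONNECT 10.0.0.5:22 HTTP/1.1" 405 312
203.0.113.44 - - [12/Mar/2005:10:06:00 +0100] "GET /connect.html HTTP/1.1" 200 812
this line is not in access-log format
"""

def scan_connect(lines):
    """Return (rejected, review): CONNECT hits answered with 400 vs. any other status."""
    rejected, review = [], []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in access-log format
        parts = m["request"].split()
        if not parts or parts[0] != "CONNECT":
            continue  # only the request method counts, not "connect" in a URL
        hit = {"host": m["host"], "time": m["time"], "status": int(m["status"]),
               "target": parts[1] if len(parts) > 1 else ""}
        (rejected if hit["status"] == 400 else review).append(hit)
    return rejected, review

def summarize(review):
    """Group the hits that need review by status code -> [(client, target), ...]."""
    by_status = defaultdict(list)
    for hit in review:
        by_status[hit["status"]].append((hit["host"], hit["target"]))
    return dict(by_status)

if __name__ == "__main__":
    rejected, review = scan_connect(SAMPLE_LOG.splitlines())
    print(f"{len(rejected)} CONNECT request(s) answered with 400")
    for status, hits in sorted(summarize(review).items()):
        for host, target in hits:
            print(f"review: status {status} from {host} -> {target}")
```

A 2xx status on a CONNECT line means the server established the tunnel, so those entries are the first ones to look at.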