> Have you installed mod_proxy on your server? If so you may be
> vulnerable. But I do not know how to reconfigure the proxy.
> You should scan your web logs for CONNECT attempts. If they return
> HTTP 400, there is no problem you have to care about. But there might
> be other opinions on that issue. :)
>
> /Uwe

Indeed, the machine is a reverse proxy to protect our Exchange. I will check the logs more carefully.

Patrick

>
> Patrick Marquetecken wrote:
>
>>Hi,
>>
>>After a security scan of some machines I got this vulnerability warning on
>>our apache 2.5x.
>>I seem not to find the solution.
>>
>>
>>THREAT:
>>The HTTP server or the HTTP proxy server accepts the "CONNECT" method.
>>IMPACT:
>>By exploiting this vulnerability, unauthorized Internet users may be able
>>to connect to your entire internal network using the "CONNECT" method.
>>This can also be used by attackers to create tunnels through proxies which
>>support this method since such hops are difficult to trace back.
>>SOLUTION:
>>Reconfigure your server to disable this method or restrict its access.
>>
>>TIA
>>Patrick
>>--
>>[email protected] mailing list
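
The log check suggested in the thread, as an added example that is not part of the original messages: it scans Apache access-log lines (common/combined log format is assumed) for CONNECT requests and sorts them by the logged status. Treating any 4xx as refused, any 2xx as an accepted tunnel and everything else as needing review generalizes the thread's "HTTP 400" rule; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Apache common/combined format: host ident user [time] "request" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Za-z]+) (?P<target>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) '
)

def classify(status):
    """Map the logged status of a CONNECT request to a verdict."""
    if 200 <= status < 300:
        return "accepted"   # tunnel was established: the proxy honours CONNECT
    if 400 <= status < 500:
        return "refused"    # e.g. 400/403/405: the method was rejected
    return "review"         # e.g. 502: the proxy may have tried and the upstream failed

def scan_connect(lines):
    """Return (findings, summary) for every CONNECT request in the log lines."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m or m.group("method").upper() != "CONNECT":
            continue  # only the request method counts, not "connect" inside a URL
        status = int(m.group("status"))
        findings.append((lineno, m.group("host"), m.group("target"),
                         status, classify(status)))
    return findings, Counter(f[4] for f in findings)

# Constructed sample lines (documentation address ranges, not from a real log)
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2004:10:01:22 +0100] "GET /exchange/ HTTP/1.1" 200 5120
198.51.100.7 - - [12/Mar/2004:10:02:03 +0100] "CONNECT mail.example.net:25 HTTP/1.0" 400 299
198.51.100.7 - - [12/Mar/2004:10:02:05 +0100] "CONNECT 203.0.113.5:25 HTTP/1.0" 200 -
203.0.113.44 - - [12/Mar/2004:10:03:40 +0100] "CONNECT 203.0.113.9:6667 HTTP/1.0" 502 412
192.0.2.10 - - [12/Mar/2004:10:04:00 +0100] "POST /exchange/connect HTTP/1.1" 200 88
""".splitlines()

if __name__ == "__main__":
    findings, summary = scan_connect(SAMPLE_LOG)
    for lineno, host, target, status, verdict in findings:
        print(f"line {lineno}: {host} CONNECT {target} -> {status} ({verdict})")
    print(dict(summary))
```

Any line reported as `accepted` means the proxy completed a CONNECT for that client, which is the condition the scanner warning describes.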

