UMN Gopherd Unauthorized FTP Proxy

medium Nessus Plugin ID 16194

Synopsis

The remote host is running a Gopher server that is configured as a proxy.

Description

The remote host is running a UMN Gopher server.

It is possible to make the remote server connect to third-party FTP sites by sending the request 'ftp://hostname.of.the.ftp.server'.

An attacker may exploit this flaw to use the remote gopher daemon as a proxy to connect to FTP servers without disclosing their IP address.

An attacker could also exploit this flaw to 'ping' the hosts of your network.

Solution

Disable FTP support in the remote gopher server.

Plugin Details

Severity: Medium

ID: 16194

File Name: gopher_proxy.nasl

Version: 1.9

Type: remote

Family: Firewalls

Published: 1/18/2005

Updated: 8/8/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

BID: 6782