WebWasher Classic HTTP CONNECT Unauthorized Access Weakness

It is reported that WebWasher Classic is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer.

This weakness may be combined with other attacks to exploit latent vulnerabilities. An attacker can bypass access controls implemented by the application through this attack.

WebWasher Classic 3.3 and 2.2.1 are reported prone to this weakness. Other versions may be affected as well.


 

Privacy Statement
Copyright 2010, SecurityFocus