CGISecurity Logo

CERT Advisory VU#435052: An Architectural Flaw Involving Transparent Proxies

For the past year in my spare time I've been researching a flaw involving transparent proxies and today CERT has published an advisory for this issue.  If you have a vulnerable proxy on your intranet NOW is the time to patch (details of affected vendors in the cert advisory).

I will be publishing a comprehensive document at a later time outlining additional behaviors not discussed in the CERT advisory. Stay Tuned….

CERT Advisory: http://www.kb.cert.org/vuls/id/435052