Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31121
HistorySep 29, 2014 - 12:00 a.m.

Glype proxy local address filter bypass

2014-09-2900:00:00
vulners.com
166
JSON

Glype proxy local address filter bypass

Securify, September 2014

Abstract

A vulnerability has been identified in the Glype web-based proxy. Glype
has a filter to disallow users from surfing to local addresses, to
prevents users from attacking the local server/network Glype is running
on. The filter can easily be bypassed by using IPs in decimal form.

Affected versions

This issue has been identified in Glype 1.4.9. Older version are most
likely affected as well.

Fix

Glype was informed and a fixed version (1.4.10) is now available at
www.glype.com

Details

http://www.securify.nl/advisory/SFY20140902/glype_proxy_local_address_filter_bypass.html

JSON