Securify, September 2014
A vulnerability has been identified in the Glype web-based proxy. Glype
has a filter to disallow users from surfing to local addresses, to
prevents users from attacking the local server/network Glype is running
on. The filter can easily be bypassed by using IPs in decimal form.
This issue has been identified in Glype 1.4.9. Older version are most
likely affected as well.
Glype was informed and a fixed version (1.4.10) is now available at
www.glype.com
http://www.securify.nl/advisory/SFY20140902/glype_proxy_local_address_filter_bypass.html