VULHUB ™

A vulnerability has been discovered in Kerio Winroute Firewall that could lead to remote hosts exposing proxy user's authentication credentials. The problem lies in the fact that Winroute fails to rebuild client browser requests sent through the proxy which contain authentication credentials. Instead, the Proxy-Connection field is modified and the HTTP request is simply forwarded to the appropriate server. A malicious administrator could exploit this condition by harvesting Winroute authentication credentials contained within requests originating from within a proxied network or system. Access to this information could lead to future attacks. It should be noted that this is only an issue if authentication is required to make use of the proxy service.

A vulnerability has been discovered in Kerio Winroute Firewall that could lead to remote hosts exposing proxy user's authentication credentials. The problem lies in the fact that Winroute fails to rebuild client browser requests sent through the proxy which contain authentication credentials. Instead, the Proxy-Connection field is modified and the HTTP request is simply forwarded to the appropriate server. A malicious administrator could exploit this condition by harvesting Winroute authentication credentials contained within requests originating from within a proxied network or system. Access to this information could lead to future attacks. It should be noted that this is only an issue if authentication is required to make use of the proxy service.