VULHUB ™

CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. CacheOS includes support for the HTTP CONNECT method, which can be used to tunnel arbitrary TCP connections through a HTTP request. This method is documented in detail in RFC 2817, where it is used to build up a generic mechanism for implementing Transit Layer Security (TLS) over HTTP. It has been reported that CacheFlow proxies allow access to arbitrary machines and ports within the internal network through the use of a CONNECT request for the internal system. Upon recieving a CONNECT request, the CacheFlow server acts as a TCP proxy, tunneling the conversation. This can be used to launch attacks against internal machines or to, for example, use an internal mail server as an open relay.

CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. CacheOS includes support for the HTTP CONNECT method, which can be used to tunnel arbitrary TCP connections through a HTTP request. This method is documented in detail in RFC 2817, where it is used to build up a generic mechanism for implementing Transit Layer Security (TLS) over HTTP. It has been reported that CacheFlow proxies allow access to arbitrary machines and ports within the internal network through the use of a CONNECT request for the internal system. Upon recieving a CONNECT request, the CacheFlow server acts as a TCP proxy, tunneling the conversation. This can be used to launch attacks against internal machines or to, for example, use an internal mail server as an open relay.