| VID |
18035 |
| Severity |
40 |
| Port |
70 |
| Protocol |
TCP |
| Class |
GOPHER |
| Detailed Description |
The remote gopher server is acting as a proxy. This means that anyone can do a request like ftp:any.ftp.site.com@/ and connect to the host any.ftp.site.com through your host. This may allow an intruder to bypass your firewall and this may allow an intruder to use your host as a launch pad for attacking another site. |
| Recommendation |
Disable your gopher server if it running in a firewalled environnement. And in any case, read the documentation of your gopher server to learn how to disable this feature. |
| Related URL |
CVE-1999-0640 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
