We ran a vulnerability scan on our network and the Barracuda is allowing the behavior below. Has anyone run into this before that can offer some insight?
Synopsis: Interactive sessions can be open through the HTTP proxy.
Description: The proxy allows the users to perform POST requests such as POST http://cvs.nessus.org:21 without any Content-length tag. This request may give an attacker the ability to have an interactive session. This problem may allow attackers to go through your firewall, by connecting to sensitive ports like 23 (telnet) using your proxy, or it can allow internal users to bypass the firewall rules and connect to ports they should not be allowed to. In addition to that, your proxy may be used to perform attacks against other networks.
Solution: Reconfigure your proxy so that only the users of the internal network can use it, and so that it cannot connect to dangerous ports (1-1024).
We haven't seen any exploits; however, we are having a third party scan next month and I would like to head this off.
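
The rule in the quoted Solution, sketched as a decision function; this is an added example, not part of the original post and not Barracuda configuration. The internal range 10.0.0.0/8 and the allowed ports 80 and 443 are assumptions: the Solution's 1-1024 range also covers 80 and 443, so the sketch uses a port allowlist instead.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed values for illustration; substitute your own internal ranges and ports.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
ALLOWED_PORTS = {80, 443}
DEFAULT_PORTS = {"http": 80, "https": 443}

def target_port(request_line):
    """Return the destination port named in a proxy request line, or None."""
    parts = request_line.split()
    if len(parts) != 3:
        return None
    method, target, _version = parts
    try:
        if method.upper() == "CONNECT":
            # CONNECT carries authority-form: host:port, port is mandatory
            return urlsplit("//" + target).port
        url = urlsplit(target)  # absolute-form: scheme://host[:port]/path
        if url.port is not None:
            return url.port
        return DEFAULT_PORTS.get(url.scheme.lower())
    except ValueError:  # non-numeric or out-of-range port
        return None

def decide(client_ip, request_line):
    """Return (allowed, reason) for one proxied request."""
    try:
        ip = ipaddress.ip_address(client_ip)
    except ValueError:
        return False, "bad client address"
    if not any(ip in net for net in INTERNAL_NETS):
        return False, "client not on internal network"
    port = target_port(request_line)
    if port is None:
        return False, "no usable destination port"
    if port not in ALLOWED_PORTS:
        return False, f"destination port {port} not allowed"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample requests; the first uses the target from the scan finding.
    samples = [
        ("10.1.2.3", "POST http://cvs.nessus.org:21 HTTP/1.0"),
        ("10.1.2.3", "CONNECT example.com:23 HTTP/1.1"),
        ("203.0.113.9", "GET http://example.com/ HTTP/1.1"),
        ("10.1.2.3", "GET http://example.com/ HTTP/1.1"),
    ]
    for client, line in samples:
        print(client, line, "->", decide(client, line))
```
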