=====================================================================
                            CERT-Renater
                 Information Note No. 2009/VULN063
_____________________________________________________________________

DATE                 : 24/02/2009
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running HTTP proxy servers.

======================================================================
http://www.kb.cert.org/vuls/id/435052
______________________________________________________________________

Vulnerability Note VU#435052

Intercepting proxy servers may incorrectly rely on HTTP headers to make connections

Overview

Proxy servers running in transparent interception mode that make connection decisions based on HTTP Host header values may be used by an attacker to relay connections.

I. Description

HTTP Host headers are defined in RFC 2616 and are often used by web servers to allow multiple websites to share a single IP address.
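
The following check is an added example, not part of the advisory or of any proxy's code: it shows an intercepting proxy choosing its upstream from the connection's original destination address and only comparing the Host header against it. The `Intercepted` record, the `decide` and `sample_resolve` names, and the sample names and addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Intercepted:
    orig_dst_ip: str     # address the client's TCP connection was really sent to
    orig_dst_port: int
    raw_request: bytes   # request bytes read from the redirected connection

def host_header(raw: bytes):
    """Return the Host value (lowercased, port stripped), or None if absent."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            host = value.strip().lower()
            if host.startswith("["):             # bracketed IPv6 literal
                return host[1:].split("]", 1)[0]
            return host.split(":", 1)[0]
    return None

def decide(req: Intercepted, resolve):
    """Return (connect_target, verdict); resolve(name) -> set of IP strings."""
    target = (req.orig_dst_ip, req.orig_dst_port)  # never derived from Host
    host = host_header(req.raw_request)
    if host is None:
        return target, "no-host"
    addrs = {host} if host == req.orig_dst_ip else resolve(host)
    verdict = "ok" if req.orig_dst_ip in addrs else "host-mismatch"
    return target, verdict

# Constructed sample data (documentation address ranges, hypothetical names).
DNS = {"www.example.com": {"192.0.2.10"}, "other.example": {"198.51.100.7"}}

def sample_resolve(name):
    return DNS.get(name, set())

SAMPLES = [
    Intercepted("192.0.2.10", 80, b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    Intercepted("192.0.2.10", 80, b"GET / HTTP/1.1\r\nHost: other.example:80\r\n\r\n"),
    Intercepted("192.0.2.10", 80, b"GET / HTTP/1.0\r\n\r\n"),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(host_header(s.raw_request), *decide(s, sample_resolve))
```

A "host-mismatch" verdict is the condition to log or reject: the client connected to one address while the Host header names a host that resolves elsewhere.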