Security Advisory
Title: Open Proxy Relay Vulnerability
Tenebril Security Advisory ID: TE2005101
Date:
Critical: Less Critical
Risk: Low
Users may inadvertently be subject to forwarding data for those with malicious intent. Impact includes potential consumption of bandwidth by unauthorized parties who successfully exploit the vulnerability.
THERE HAS BEEN NO RISK TO USER CONFIDENTIAL DATA OR COMMAND AND CONTROL OF THE LOCAL HOST REPORTED OR KNOWN.
Description: A vulnerability has been reported by MyNetWatchman, allowing malicious people to relay connections.
Effected Users: Users who are not behind a properly configured firewall (local or gateway) or NAT, or those with persistent outward facing IP addresses using the below mentioned software versions.
Solution: Patch available for all versions; installable executable available at http://download.tenebril.com/pub/bin/GhostSurf-Security-Patch.exe.
Effected Products
- GhostSurf
- GhostSurf Express
- GhostSurf 2.0
- GhostSurf Pro
- GhostSurf Privacy Edition
- GhostSurf Adblock Edition
- GhostSurf Upgrade
- GhostSurf 2005 Platinum
- GhostSurf 2005 Standard
- GhostSurf 2006 Platinum
Discovered by: Lawrence Baldwin
Thanks to Lawrence Baldwin and MyNetWatchman for their assistance.