HTTP: Web Proxy Autodiscovery Protocol Configuration File Request
This signature detects connections to Web Proxy Auto Discovery hosts. An attacker can set up a rogue WPAD service and redirect Web traffic by altering a user's proxy setting. Note: this signature triggers on legitimate connections to WPAD servers. Please refer to your product documentation regarding how to configure your policy to ignore traffic from specific hosts.
Extended Description
Microsoft Web Proxy Auto-Discovery is prone to a vulnerability that may allow attackers to obtain sensitive information that may lead to further attacks.
Affected Products
Microsoft windows_vista
Short Name
HTTP:PROXY:WPAD-CONNECTION
Severity
Info
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Autodiscovery CVE-2007-5355 CVE-2009-0093 CVE-2009-0094 Configuration File Protocol Proxy Request Web bid:26686
Release Date
12/05/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Rarely
Vendors
Microsoft
CVSS Score
3.5
5.5
5.8