"Transparent proxies allow organizations to influence and monitor thetraffic from its users without their knowledge or participation.Transparent proxies act as intermediaries between a user and enddestination, and aren't generally apparent to users sitting behindthem. Enterprises, Hotels, and Internet Service Providers often usetransparent proxy products to lower bandwidth consumption,speed up pageloads for their users, and for monitoring and filtering of web surfing.When certain transparent proxy architectures are in use an attacker canachieve a partial Same Origin Policy Bypass resulting in access to anyhost reachable by the proxy via the use of client plug-in technologies(such as Flash, Applets, etc) with socket capabilities. This write upwill describe this architecture, how it may be abused by Flash, itsexistence in various network layouts, and mitigations."

Full paper:  http://www.thesecuritypractice.com/the_security_practice/TransparentProxyAbuse.pdf

Full Cert Announcement (look at that product list [\/\/0\/\/!]):
http://www.kb.cert.org/vuls/id/435052

http://www.ietf.org/rfc/rfc2616.txt

http://www.webappsec.org/lists/websecurity/archive/2008-06/msg00073.html

http://www.us-cert.gov/reading_room/securing_browser/

http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14213

http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html

http://www.owasp.org/index.php/Testing_for_HTTP_Methods_and_XST_(OWASP-CM-008)#Black_Box_testing_and_example

http://en.wikipedia.org/w/index.php?title=List_of_TCP_and_UDP_port_numbers&oldid=266934839
Robert Auger from the PayPal Information RiskManagement team reported this issue and provided complete proof of concept technical information.

Nosis| Obnosis | (503)754-4452
PLUG Linux Security Labs 2nd Saturday Each Month@Noon - 3PM


_________________________________________________________________
Windows Live™ Groups: Create an online spot for your favorite groups to meet.
http://windowslive.com/online/groups?ocid=TXT_TAGLM_WL_groups_032009