C-Note-06-025: Verity Ultraseek Request Proxying Vulnerability (11/16/06)

This vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability.

This advisory is posted at: http://www.zerodayinitiative.com/advisories/ZDI-06-042.html

Additional link: http://www.zone-h.org/content/view/14368/92/

CIAC would like to thank Zero Day Initiative and Zone-h for this information.