
Apple search bot leaked internal IPs via proxy configuration
2020-11-04 13:50

A request relayed through a proxy may carry the X-Forwarded-For or Via HTTP headers, which reveal the originating device's IP address and tell the destination that the request came through a proxy.

Last month, security researcher and podcast creator David Coomber found that Applebot had been using a proxy that leaked Apple's internal IP addresses.

"Although I've seen a couple of bots that were misconfigured, I was surprised to see Apple's Podcast bot look for updates to my podcast using a proxy which leaked internal IPs and hostnames from the 'Via' & 'X-Forwarded-For' headers," Coomber wrote in his blog post.

Coomber told BleepingComputer, "I provided the details to the Apple Product Security team on December 21, 2019. Once they confirmed the issue, I worked with them to remove the 'Via' and 'X-Forwarded-For' headers from their internal proxy infrastructure, which is configured to scan for updates to content available on Apple Podcasts."

The recommended way to prevent originating IPs from being exposed in HTTP requests made by a proxy is to inspect the proxy server's configuration for the headers it adds to outbound requests.
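As an added example, not code from the article or from Apple's infrastructure, the check an origin server operator or proxy owner can run over a captured request to spot exactly this kind of leak: it parses the Via and X-Forwarded-For headers and flags any private address or internal-looking hostname. The sample request, its addresses and hostnames are constructed, and the internal-TLD heuristic is an assumption.

```python
import ipaddress
import re
# Constructed sample request, as an origin server might see it arrive from a misconfigured
# forward proxy. The addresses and hostnames are made up for this example.
SAMPLE_REQUEST = (
    "GET /feed.xml HTTP/1.1\r\n"
    "Host: podcast.example.org\r\n"
    "Via: 1.1 proxy01.corp.internal (Squid/4.10)\r\n"
    "X-Forwarded-For: 10.20.30.40, 172.16.5.9\r\n"
    "\r\n"
)
INTERNAL_SUFFIX = re.compile(r"\.(internal|local|lan|corp|intranet|home\.arpa)$", re.I)

def parse_headers(raw: str) -> dict[str, str]:
    """Parse the header block of a raw HTTP/1.1 request into a lower-cased name -> value dict."""
    headers: dict[str, str] = {}
    for line in raw.split("\r\n\r\n", 1)[0].split("\r\n")[1:]:  # [1:] skips the request line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers

def is_internal(token: str) -> bool:
    """True for RFC 1918 / loopback / link-local addresses and for internal-looking hostnames."""
    try:
        return ipaddress.ip_address(token).is_private
    except ValueError:
        pass
    if token.lower() == "unknown":  # placeholder some proxies emit instead of an address; not a leak
        return False
    # Heuristic (assumption): single-label names and internal TLDs are hostnames that should not leave the network.
    return "." not in token or bool(INTERNAL_SUFFIX.search(token))

def find_leaks(raw_request: str) -> list[str]:
    """Return 'Header: value' findings for each internal address exposed via Via or X-Forwarded-For."""
    headers = parse_headers(raw_request)
    findings: list[str] = []
    for hop in (h.strip() for h in headers.get("x-forwarded-for", "").split(",")):
        if hop and is_internal(hop):
            findings.append(f"X-Forwarded-For: {hop}")
    for entry in headers.get("via", "").split(","):
        parts = entry.split()  # "<protocol-version> <received-by> [comment]"
        if len(parts) < 2:
            continue
        received_by = parts[1]
        if received_by.count(":") == 1:  # strip :port from host:port (leaves IPv6 literals alone)
            received_by = received_by.rsplit(":", 1)[0]
        if is_internal(received_by):
            findings.append(f"Via: {received_by}")
    return findings
```

Run it over requests captured at the origin, or sent through the proxy to a test endpoint you control; any finding means the proxy is still forwarding internal identifiers. In Squid, for instance, the directives `forwarded_for delete` and `via off` stop both headers from being added.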


News URL

https://www.bleepingcomputer.com/news/security/apple-search-bot-leaked-internal-ips-via-proxy-configuration/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 131 588 4229 1618 2406 8841