privoxy -- malicious server spoofing as proxy vulnerability
Privoxy Developers reports:
Proxy authentication headers are removed unless the new directive
enable-proxy-authentication-forwarding is used. Forwarding the
headers potentially allows malicious sites to trick the user into
providing them with login information. Reported by Chris John Riley.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright