PT-1998-1182 · Squid · Squid Internet Object Cache

Publicado

1998-02-20

Atualizado

2017-12-19

CVE-1999-1273

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Squid Internet Object Cache version 1.1.20

Description The issue allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.

Recommendations For Squid Internet Object Cache version 1.1.20, consider updating to a newer version that addresses this issue, as the current version allows users to bypass access control lists. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-1999-1273

Produtos afetados

Squid Internet Object Cache

PT-1998-1182 · Squid · Squid Internet Object Cache

CVE-1999-1273

Identificadores relacionados

Produtos afetados

Referências · 3