PT-1999-1734 · Squid · Squid

Publicado

1999-12-31

Atualizado

2017-10-10

CVE-1999-1481

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Squid versions 2.2.STABLE5 and below

Description: The issue allows attackers to bypass access controls when using external authentication. This is achieved by including a newline in the user/password pair.

Recommendations: For Squid versions 2.2.STABLE5 and below, consider disabling external authentication until a patch is available. Restrict access to sensitive areas to minimize the risk of exploitation. Avoid using newline characters in the user/password pair for authentication.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-1999-1481

Produtos afetados

Squid

PT-1999-1734 · Squid · Squid

CVE-1999-1481

Identificadores relacionados

Produtos afetados

Referências · 6