PT-2002-1156 · Squid · Squid+1

Publicado

2002-03-08

Atualizado

2016-10-18

CVE-2002-0067

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Squid versions 2.4 STABLE3 and earlier

Description The issue is related to the improper disabling of HTCP, which could allow remote attackers to bypass intended access restrictions, even when "htcp port 0" is specified in squid.conf.

Recommendations For Squid versions 2.4 STABLE3 and earlier, consider disabling the HTCP service as a temporary workaround until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0067

Produtos afetados

Squid

Squid Cache

PT-2002-1156 · Squid · Squid+1

CVE-2002-0067

Identificadores relacionados

Produtos afetados

Referências · 13