PT-2007-2646 · Netproxy · Netproxy

Craig Heffner

Publicado

2007-03-02

Atualizado

2017-10-11

CVE-2007-1225

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NetProxy version 4.03

Description The connection log file implementation does not record requests that omit http:// in a URL, which might allow remote attackers to conduct unauthorized activities and avoid detection.

Recommendations For NetProxy version 4.03, update the connection log file implementation to record all requests, including those that omit http:// in a URL, to prevent unauthorized activities from going undetected.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-1225

Produtos afetados

Netproxy

PT-2007-2646 · Netproxy · Netproxy

CVE-2007-1225

Identificadores relacionados

Produtos afetados

Referências · 6