Lucene search

[email protected]CVE-1999-1481

HistoryMar 09, 2002 - 5:00 a.m.

CVE-1999-1481

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-1999-1481

squid 2.2.stable5

external authentication

access controls

security breach.

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.9%

JSON

Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.

Affected configurations

NVD

Node

national_science_foundationsquid_web_proxyMatch1.0

national_science_foundationsquid_web_proxyMatch1.0novm

national_science_foundationsquid_web_proxyMatch1.1

national_science_foundationsquid_web_proxyMatch2.1

national_science_foundationsquid_web_proxyMatch2.2

CPENameOperatorVersion
national_science_foundation:squid_web_proxynational science foundation squid web proxyeq1.0
national_science_foundation:squid_web_proxynational science foundation squid web proxyeq1.0novm
national_science_foundation:squid_web_proxynational science foundation squid web proxyeq1.1
national_science_foundation:squid_web_proxynational science foundation squid web proxyeq2.1
national_science_foundation:squid_web_proxynational science foundation squid web proxyeq2.2

CPE	Name	Operator	Version
national_science_foundation:squid_web_proxy	national science foundation squid web proxy	eq	1.0
national_science_foundation:squid_web_proxy	national science foundation squid web proxy	eq	1.0novm
national_science_foundation:squid_web_proxy	national science foundation squid web proxy	eq	1.1
national_science_foundation:squid_web_proxy	national science foundation squid web proxy	eq	2.1
national_science_foundation:squid_web_proxy	national science foundation squid web proxy	eq	2.2

References

www.securityfocus.com/archive/1/33295

www.securityfocus.com/bid/741

www.squid-cache.org/Versions/v2/2.2/bugs/

exchange.xforce.ibmcloud.com/vulnerabilities/3433

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.9%

JSON

Related for CVE-1999-1481

cvelist1 nvd1