Lucene search

[email protected]CVE-2005-2729

HistoryAug 30, 2005 - 11:45 a.m.

CVE-2005-2729

2005-08-3011:45:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

astaro security linux

http proxy

firewall bypass

cve-2005-2729

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

92.7%

JSON

The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.

CPENameOperatorVersion
astaro:security_linuxastaro security linuxeq6.001

CPE	Name	Operator	Version
astaro:security_linux	astaro security linux	eq	6.001

References

marc.info/?l=bugtraq&m=112501186602731&w=2

secunia.com/advisories/16578/

www.securityfocus.com/bid/14665

exchange.xforce.ibmcloud.com/vulnerabilities/22021

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.048 Low

EPSS

Percentile

92.7%

JSON

Related for CVE-2005-2729

cvelist1