Lucene search
HistoryMar 11, 2013 - 5:55 p.m.
CVE-2013-2503
privoxy
proxy
spoofing
vulnerability
cve-2013-2503
nvd
6.2 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.02 Low
EPSS
Percentile
88.7%
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.
Related
packetstorm
packetstorm
Privoxy 3.0.20-1 Credential Exposure
2013-03-11 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: privoxy-3.0.21-1.fc18
2013-03-22 00:39:23
[SECURITY] Fedora 17 Update: privoxy-3.0.21-1.fc17
2013-03-22 00:33:57
prion
prion
Code injection
2013-03-11 17:55:00
nessus
nessus
Privoxy < 3.0.21 Multiple Information Disclosure Vulnerabilities
2013-04-12 00:00:00
Fedora 17 : privoxy-3.0.21-1.fc17 (2013-3756)
2013-03-22 00:00:00
securityvulns
securityvulns
Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
2013-03-13 00:00:00
Privoxy information leakage
2013-03-13 00:00:00
openvas
openvas
Fedora Update for privoxy FEDORA-2013-3756
2013-03-22 00:00:00
Fedora Update for privoxy FEDORA-2013-3753
2013-03-22 00:00:00
Fedora Update for privoxy FEDORA-2013-3753
2013-03-22 00:00:00
freebsd
freebsd
privoxy -- malicious server spoofing as proxy vulnerability
2013-03-07 00:00:00
ubuntucve
ubuntucve
CVE-2013-2503
2013-03-11 00:00:00
debiancve
debiancve
CVE-2013-2503
2013-03-11 17:55:00
6.2 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.02 Low
EPSS
Percentile
88.7%
Related for CVE-2013-2503