Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2503HistoryMar 11, 2013 - 5:55 p.m.
CVE-2013-2503
2013-03-1117:55:01
Debian Security Bug Tracker
security-tracker.debian.org
15
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.014
Percentile
86.6%
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | privoxy | < 3.0.21-1 | privoxy_3.0.21-1_all.deb |
| Debian | 11 | all | privoxy | < 3.0.21-1 | privoxy_3.0.21-1_all.deb |
| Debian | 999 | all | privoxy | < 3.0.21-1 | privoxy_3.0.21-1_all.deb |
| Debian | 13 | all | privoxy | < 3.0.21-1 | privoxy_3.0.21-1_all.deb |
Related
prion
prion
Code injection
2013-03-11 17:55:00
packetstorm
packetstorm
Privoxy 3.0.20-1 Credential Exposure
2013-03-11 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: privoxy-3.0.21-1.fc18
2013-03-22 00:39:23
[SECURITY] Fedora 17 Update: privoxy-3.0.21-1.fc17
2013-03-22 00:33:57
exploitdb
exploitdb
Privoxy Proxy - Authentication Information Disclosure
2013-03-11 00:00:00
nessus
nessus
Fedora 18 : privoxy-3.0.21-1.fc18 (2013-3753)
2013-03-22 00:00:00
openSUSE Security Update : privoxy (openSUSE-2013-242)
2014-06-13 00:00:00
Fedora 17 : privoxy-3.0.21-1.fc17 (2013-3756)
2013-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2013-2503
2013-03-11 00:00:00
nvd
nvd
CVE-2013-2503
2013-03-11 17:55:01
openvas
openvas
Fedora Update for privoxy FEDORA-2013-3756
2013-03-22 00:00:00
Fedora Update for privoxy FEDORA-2013-3753
2013-03-22 00:00:00
Fedora Update for privoxy FEDORA-2013-3753
2013-03-22 00:00:00
cve
cve
CVE-2013-2503
2013-03-11 17:55:01
securityvulns
securityvulns
Privoxy information leakage
2013-03-13 00:00:00
Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503
2013-03-13 00:00:00
cvelist
cvelist
CVE-2013-2503
2013-03-11 17:00:00
freebsd
freebsd
privoxy -- malicious server spoofing as proxy vulnerability
2013-03-07 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.014
Percentile
86.6%
Related for DEBIANCVE:CVE-2013-2503