Search...

Privoxy < 3.0.21 Multiple Information Disclosure Vulnerabilities

2013-04-12T00:00:00

ID PRIVOXY_3_0_21.NASL
Type nessus
Reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-03-02T00:00:00

Description

According to its self-identified version number, the Privoxy installed on the remote host is a version prior to 3.0.21. It is, therefore, affected by multiple information disclosure vulnerabilities due to the application not properly handling Proxy-Authenticate and Proxy-Authorization headers. This can allow a remote, malicious HTTP server to spoof the intended proxy service via a 407 (Proxy Authentication Required) HTTP status code and thereby gain access to user credentials.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(65948);
  script_version("1.8");
  script_cvs_date("Date: 2019/11/27");

  script_cve_id("CVE-2013-2503");
  script_bugtraq_id(58425);

  script_name(english:"Privoxy &lt; 3.0.21 Multiple Information Disclosure Vulnerabilities");
  script_summary(english:"Checks the version of Privoxy.");

  script_set_attribute(attribute:"synopsis", value:
"The remote web proxy is affected by multiple information disclosure
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its self-identified version number, the Privoxy installed
on the remote host is a version prior to 3.0.21. It is, therefore,
affected by multiple information disclosure vulnerabilities due to the
application not properly handling Proxy-Authenticate and
Proxy-Authorization headers. This can allow a remote, malicious HTTP
server to spoof the intended proxy service via a 407 (Proxy
Authentication Required) HTTP status code and thereby gain access to
user credentials.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2013/Mar/62");
  # http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.190&view=markup
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3511a155");
  script_set_attribute(attribute:"solution", value:
"Upgrade to version 3.0.21 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2503");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/03/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/12");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:privoxy:privoxy");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Firewalls");

  script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("privoxy_detect.nasl");
  script_require_keys("www/Privoxy", "Settings/ParanoidReport");
  script_require_ports("Services/www", 8118);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("webapp_func.inc");

if (report_paranoia &lt; 2) audit(AUDIT_PARANOID);

port = get_http_port(default:8118);
app_name = "Privoxy";

install = get_install_from_kb(
  appname      : app_name,
  port         : port,
  exit_on_fail : TRUE
);

version = install["ver"];
if (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, app_name, port);

install_url = build_url(qs:install["dir"], port:port);
fix = "3.0.21";

# Versions &lt; 3.0.21 are vulnerable
if (ver_compare(ver:version, fix:fix, strict:FALSE) &lt; 0)
{
  if (report_verbosity &gt; 0)
  {
    report =
      '\n  URL               : ' + install_url +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix +
      '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
}
else audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version);

JSON Vulners Source

Initial Source

{"id": "PRIVOXY_3_0_21.NASL", "bulletinFamily": "scanner", "title": "Privoxy < 3.0.21 Multiple Information Disclosure Vulnerabilities", "description": "According to its self-identified version number, the Privoxy installed\non the remote host is a version prior to 3.0.21. It is, therefore,\naffected by multiple information disclosure vulnerabilities due to the\napplication not properly handling Proxy-Authenticate and\nProxy-Authorization headers. This can allow a remote, malicious HTTP\nserver to spoof the intended proxy service via a 407 (Proxy\nAuthentication Required) HTTP status code and thereby gain access to\nuser credentials.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "published": "2013-04-12T00:00:00", "modified": "2021-03-02T00:00:00", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/65948", "reporter": "This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?3511a155", "https://seclists.org/bugtraq/2013/Mar/62"], "cvelist": ["CVE-2013-2503"], "type": "nessus", "lastseen": "2021-03-01T05:22:43", "edition": 27, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-2503"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29186", "SECURITYVULNS:VULN:12946"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310865487", "OPENVAS:865483", "OPENVAS:1361412562310865483", "OPENVAS:865487"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:120752"]}, {"type": "exploitdb", "idList": ["EDB-ID:38377"]}, {"type": "nessus", "idList": ["FEDORA_2013-3756.NASL", "FEDORA_2013-3753.NASL", "OPENSUSE-2013-242.NASL", "FREEBSD_PKG_AD82B0E9C3D611E5B5FE002590263BF5.NASL"]}, {"type": "freebsd", "idList": ["AD82B0E9-C3D6-11E5-B5FE-002590263BF5"]}, {"type": "fedora", "idList": ["FEDORA:4761920FB4", "FEDORA:5EF9821389"]}], "modified": "2021-03-01T05:22:43", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-03-01T05:22:43", "rev": 2}, "vulnersScore": 5.2}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65948);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\"CVE-2013-2503\");\n script_bugtraq_id(58425);\n\n script_name(english:\"Privoxy < 3.0.21 Multiple Information Disclosure Vulnerabilities\");\n script_summary(english:\"Checks the version of Privoxy.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web proxy is affected by multiple information disclosure\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-identified version number, the Privoxy installed\non the remote host is a version prior to 3.0.21. It is, therefore,\naffected by multiple information disclosure vulnerabilities due to the\napplication not properly handling Proxy-Authenticate and\nProxy-Authorization headers. This can allow a remote, malicious HTTP\nserver to spoof the intended proxy service via a 407 (Proxy\nAuthentication Required) HTTP status code and thereby gain access to\nuser credentials.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2013/Mar/62\");\n # http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.190&view=markup\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3511a155\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 3.0.21 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2503\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/12\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:privoxy:privoxy\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"privoxy_detect.nasl\");\n script_require_keys(\"www/Privoxy\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 8118);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:8118);\napp_name = \"Privoxy\";\n\ninstall = get_install_from_kb(\n appname : app_name,\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = install[\"ver\"];\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, app_name, port);\n\ninstall_url = build_url(qs:install[\"dir\"], port:port);\nfix = \"3.0.21\";\n\n# Versions < 3.0.21 are vulnerable\nif (ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version);\n", "naslFamily": "Firewalls", "pluginID": "65948", "cpe": ["cpe:/a:privoxy:privoxy"], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T06:06:52", "description": "Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.", "edition": 6, "cvss3": {}, "published": "2013-03-11T17:55:00", "title": "CVE-2013-2503", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2503"], "modified": "2013-04-11T03:33:00", "cpe": ["cpe:/a:privoxy:privoxy:3.0.11", "cpe:/a:privoxy:privoxy:3.0.8", "cpe:/a:privoxy:privoxy:3.0.12", "cpe:/a:privoxy:privoxy:3.0.10", "cpe:/a:privoxy:privoxy:3.0.18", "cpe:/a:privoxy:privoxy:2.9.14", "cpe:/a:privoxy:privoxy:3.0.13", "cpe:/a:privoxy:privoxy:2.9.18", "cpe:/a:privoxy:privoxy:2.9.1", "cpe:/a:privoxy:privoxy:2.9.16", "cpe:/a:privoxy:privoxy:3.0.3", "cpe:/a:privoxy:privoxy:3.0", "cpe:/a:privoxy:privoxy:3.0.20", "cpe:/a:privoxy:privoxy:3.0.14", "cpe:/a:privoxy:privoxy:2.9.12", "cpe:/a:privoxy:privoxy:2.9.2", "cpe:/a:privoxy:privoxy:3.0.2", "cpe:/a:privoxy:privoxy:3.0.5", "cpe:/a:privoxy:privoxy:3.0.17", "cpe:/a:privoxy:privoxy:2.9.13", "cpe:/a:privoxy:privoxy:3.0.6", "cpe:/a:privoxy:privoxy:3.0.9", "cpe:/a:privoxy:privoxy:2.9.11", "cpe:/a:privoxy:privoxy:2.9.3", "cpe:/a:privoxy:privoxy:3.0.7", "cpe:/a:privoxy:privoxy:3.0.16", "cpe:/a:privoxy:privoxy:3.0.19", "cpe:/a:privoxy:privoxy:2.9.0", "cpe:/a:privoxy:privoxy:3.0.15"], "id": "CVE-2013-2503", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2503", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:privoxy:privoxy:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.15:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.9:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.12:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.11:pre-alpha:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.14:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.11:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.11:alpha:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.20:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.14:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.7:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.1:pre-alpha:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.13:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.3:pre-alpha:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.0:pre-alpha:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.2:pre-alpha:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.5:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:3.0.13:beta:*:*:*:*:*:*", "cpe:2.3:a:privoxy:privoxy:2.9.18:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:47", "bulletinFamily": "software", "cvelist": ["CVE-2013-2503"], "description": "\r\n\r\nPrivoxy Proxy Authentication Credential Exposure\r\n\r\nProduct: Privoxy\r\nProject Homepage: privoxy.org\r\nAdvisory ID: c22-2013-01\r\nVulnerable Version(s): 3.0.20 (and possibly prior)\r\nTested Version: 3.0.20-1 (tested using Debian Sid)\r\nVendor Notification: March 6, 2013\r\nPublic Disclosure: March 11, 2013\r\nVulnerability Type: Insufficiently Protected Credentials [CWE-522]\r\nCVE Reference: CVE-2013-2503\r\nRisk Level: Medium\r\nCVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\r\nDiscovery: Chris John Riley ( http://blog.c22.cc )\r\n\r\nAdvisory Details:\r\n\r\nDuring research into browser and proxy server handling of HTTP\r\nResponse Codes, an issue with the way that Privoxy handles HTTP\r\nResponse code 407 "Proxy Authentication Required" was discovered.\r\nPrivoxy in versions 3.0.20 (and possibly prior) ignores the presence of\r\n"Proxy-Authenticate" and "Proxy-Authorization" headers and allows these\r\nvalues to be passed to and from a remote server without modification.\r\nThe resulting behavior could allow a malicious websites to spoof a\r\nProxy-Authentication response appearing to originate from the Privoxy\r\nservice. The Privoxy user will then be prompted for a username and\r\npassword that appears to originate from the Privoxy software.\r\n\r\nScenario:\r\n\r\n1) A Privoxy user visits a website using a browser of their choice\r\n2) The remote website responds to the request with a 407 "Proxy\r\nAuthentication Required" HTTP response code and the appropriate\r\n"Proxy-Authenticate: Basic" HTTP response header\r\n3) This response is passed through the Privoxy service without\r\nmodification to the users browser\r\n4) As the browser is configured to use a proxy server, the browser\r\nbelieves that the upstream proxy (Privoxy) has requested\r\nauthentication and prompts the user for a username and password. This\r\nprompt states that the proxy server at "127.0.0.1:8118" requires\r\nauthentication (this prompt may vary if Privoxy is running on a\r\nmachine other than localhost and/or on a non-default port number)\r\n5) If the user enters a username and password, the browser will send\r\na request through Privoxy to the remote website with a\r\n"Proxy-Authorization: XXXXXXXX" HTTP request header (where XXXXXXX is\r\na base64 encoded version of the username and password the user\r\nentered at the browsers proxy authentication prompt)\r\n6) The remote website receives this header and can store or re-use\r\nthese captured credentials\r\n\r\nProof of Concept:\r\n\r\nhttp://c22.cc/POC/c22-2013-01.php\r\n\r\nThe above URL will respond with a "Proxy-Authenticate: basic" header\r\nwhen a request is received that does no contain a\r\n"Proxy-Authorization" header. This will prompt the users browser to\r\nrequest a username/password from the user. If you enter a value in the\r\nusername/password box and click ok, it will send a Base64 encoded\r\nversion to the remote website (the server will display the response\r\nheaders at the bottom of the resulting page under request headers (one\r\nof the values will be "Proxy-Authorization" with a base64 encoded\r\nversion of the entered username/password). For a full walkthrough it\r\nis suggested to capture this in your favourite packet capture program\r\nand walk through the requests to view the entire process.\r\n\r\nNote --> The above POC does not store any data sent to the server,\r\nhowever it is suggested to use bogus credentials if testing this proof of\r\nconcept.\r\n\r\nSolution:\r\n\r\nThe following solution was suggested and implemented in Privoxy 3.0.21\r\nstable.\r\n\r\nProxy authentication headers are removed unless the new directive\r\nenable-proxy-authentication-forwarding is used. Forwarding the headers\r\npotentionally allows malicious sites to trick the user into providing\r\nit with login information.\r\n\r\nReferences:\r\nPrivoxy 3.0.21 ChangeLog -->\r\nhttp://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup\r\n\r\nVulnerability Timeline:\r\n\r\nMarch 5, 2013 20:00 - Initial discovery of vulnerability\r\nMarch 6, 2013 14:48 > Emailed Privoxy developer list to request a\r\nsecurity contact\r\nMarch 6, 2013 15:26 < Received response with dedicated security contact\r\ninformation\r\nMarch 6, 2013 16:01 > Emailed details of the vulnerability to security\r\ncontact\r\nMarch 6, 2013 17:19 < Received response acknowledging issue. Fix\r\nindicated in upcoming release\r\nMarch 6, 2013 18:38 > Acknowledged receipt of email and advised of\r\nupdated CVSSv2 score\r\nMarch 7, 2013 15:50 < Received response detailing proposed fix,\r\nincluding link to CVS check-in of new code\r\nMarch 7, 2013 18:48 > Acknowledged receipt of email\r\nMarch 9, 2013 16:54 > Emailed CVE number to security contact and\r\nrequested information on release plans\r\nMarch 10, 2013 14:28 < Received confirmation of release timeline\r\nMarch 10, 2013 14:58 - Release of Privoxy 3.0.21 stable\r\nMarch 11, 2013 07:45 - Release of advisory\r\n", "edition": 1, "modified": "2013-03-13T00:00:00", "published": "2013-03-13T00:00:00", "id": "SECURITYVULNS:DOC:29186", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29186", "title": "Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503", "type": "securityvulns", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "cvelist": ["CVE-2013-2503"], "description": "Proxy-Authenticate and Proxy-Authorization headers are not filtered, making it possible to hijack authentication information.", "edition": 1, "modified": "2013-03-13T00:00:00", "published": "2013-03-13T00:00:00", "id": "SECURITYVULNS:VULN:12946", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12946", "title": "Privoxy information leakage", "type": "securityvulns", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-22T00:00:00", "id": "OPENVAS:1361412562310865487", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865487", "type": "openvas", "title": "Fedora Update for privoxy FEDORA-2013-3753", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for privoxy FEDORA-2013-3753\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100822.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865487\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-22 10:37:10 +0530 (Fri, 22 Mar 2013)\");\n script_cve_id(\"CVE-2013-2503\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-3753\");\n script_name(\"Fedora Update for privoxy FEDORA-2013-3753\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'privoxy'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"privoxy on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"privoxy\", rpm:\"privoxy~3.0.21~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-03-22T00:00:00", "id": "OPENVAS:1361412562310865483", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865483", "type": "openvas", "title": "Fedora Update for privoxy FEDORA-2013-3756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for privoxy FEDORA-2013-3756\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100815.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865483\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-22 10:36:57 +0530 (Fri, 22 Mar 2013)\");\n script_cve_id(\"CVE-2013-2503\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-3756\");\n script_name(\"Fedora Update for privoxy FEDORA-2013-3756\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'privoxy'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"privoxy on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"privoxy\", rpm:\"privoxy~3.0.21~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2017-07-25T10:52:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "description": "Check for the Version of privoxy", "modified": "2017-07-10T00:00:00", "published": "2013-03-22T00:00:00", "id": "OPENVAS:865487", "href": "http://plugins.openvas.org/nasl.php?oid=865487", "type": "openvas", "title": "Fedora Update for privoxy FEDORA-2013-3753", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for privoxy FEDORA-2013-3753\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Privoxy is a web proxy with advanced filtering capabilities for\n protecting privacy, filtering web page content, managing cookies,\n controlling access, and removing ads, banners, pop-ups and other\n obnoxious Internet junk. Privoxy has a very flexible configuration and\n can be customized to suit individual needs and tastes. Privoxy has application\n for both stand-alone systems and multi-user networks.\n\n Privoxy is based on the Internet Junkbuster.\";\n\n\ntag_affected = \"privoxy on Fedora 18\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100822.html\");\n script_id(865487);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-22 10:37:10 +0530 (Fri, 22 Mar 2013)\");\n script_cve_id(\"CVE-2013-2503\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-3753\");\n script_name(\"Fedora Update for privoxy FEDORA-2013-3753\");\n\n script_summary(\"Check for the Version of privoxy\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"privoxy\", rpm:\"privoxy~3.0.21~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-22T13:09:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "description": "Check for the Version of privoxy", "modified": "2018-01-22T00:00:00", "published": "2013-03-22T00:00:00", "id": "OPENVAS:865483", "href": "http://plugins.openvas.org/nasl.php?oid=865483", "type": "openvas", "title": "Fedora Update for privoxy FEDORA-2013-3756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for privoxy FEDORA-2013-3756\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Privoxy is a web proxy with advanced filtering capabilities for\n protecting privacy, filtering web page content, managing cookies,\n controlling access, and removing ads, banners, pop-ups and other\n obnoxious Internet junk. Privoxy has a very flexible configuration and\n can be customized to suit individual needs and tastes. Privoxy has application\n for both stand-alone systems and multi-user networks.\n\n Privoxy is based on the Internet Junkbuster.\";\n\n\ntag_affected = \"privoxy on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100815.html\");\n script_id(865483);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-22 10:36:57 +0530 (Fri, 22 Mar 2013)\");\n script_cve_id(\"CVE-2013-2503\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-3756\");\n script_name(\"Fedora Update for privoxy FEDORA-2013-3756\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of privoxy\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"privoxy\", rpm:\"privoxy~3.0.21~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:23:48", "description": "", "published": "2013-03-11T00:00:00", "type": "packetstorm", "title": "Privoxy 3.0.20-1 Credential Exposure", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-2503"], "modified": "2013-03-11T00:00:00", "id": "PACKETSTORM:120752", "href": "https://packetstormsecurity.com/files/120752/Privoxy-3.0.20-1-Credential-Exposure.html", "sourceData": "`Privoxy Proxy Authentication Credential Exposure \n \nProduct: Privoxy \nProject Homepage: privoxy.org \nAdvisory ID: c22-2013-01 \nVulnerable Version(s): 3.0.20 (and possibly prior) \nTested Version: 3.0.20-1 (tested using Debian Sid) \nVendor Notification: March 6, 2013 \nPublic Disclosure: March 11, 2013 \nVulnerability Type: Insufficiently Protected Credentials [CWE-522] \nCVE Reference: CVE-2013-2503 \nRisk Level: Medium \nCVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) \nDiscovery: Chris John Riley ( http://blog.c22.cc ) \n \nAdvisory Details: \n \nDuring research into browser and proxy server handling of HTTP \nResponse Codes, an issue with the way that Privoxy handles HTTP \nResponse code 407 \"Proxy Authentication Required\" was discovered. \nPrivoxy in versions 3.0.20 (and possibly prior) ignores the presence of \n\"Proxy-Authenticate\" and \"Proxy-Authorization\" headers and allows these \nvalues to be passed to and from a remote server without modification. \nThe resulting behavior could allow a malicious websites to spoof a \nProxy-Authentication response appearing to originate from the Privoxy \nservice. The Privoxy user will then be prompted for a username and \npassword that appears to originate from the Privoxy software. \n \nScenario: \n \n1) A Privoxy user visits a website using a browser of their choice \n2) The remote website responds to the request with a 407 \"Proxy \nAuthentication Required\" HTTP response code and the appropriate \n\"Proxy-Authenticate: Basic\" HTTP response header \n3) This response is passed through the Privoxy service without \nmodification to the users browser \n4) As the browser is configured to use a proxy server, the browser \nbelieves that the upstream proxy (Privoxy) has requested \nauthentication and prompts the user for a username and password. This \nprompt states that the proxy server at \"127.0.0.1:8118\" requires \nauthentication (this prompt may vary if Privoxy is running on a \nmachine other than localhost and/or on a non-default port number) \n5) If the user enters a username and password, the browser will send \na request through Privoxy to the remote website with a \n\"Proxy-Authorization: XXXXXXXX\" HTTP request header (where XXXXXXX is \na base64 encoded version of the username and password the user \nentered at the browsers proxy authentication prompt) \n6) The remote website receives this header and can store or re-use \nthese captured credentials \n \nProof of Concept: \n \nhttp://c22.cc/POC/c22-2013-01.php \n \nThe above URL will respond with a \"Proxy-Authenticate: basic\" header \nwhen a request is received that does no contain a \n\"Proxy-Authorization\" header. This will prompt the users browser to \nrequest a username/password from the user. If you enter a value in the \nusername/password box and click ok, it will send a Base64 encoded \nversion to the remote website (the server will display the response \nheaders at the bottom of the resulting page under request headers (one \nof the values will be \"Proxy-Authorization\" with a base64 encoded \nversion of the entered username/password). For a full walkthrough it \nis suggested to capture this in your favourite packet capture program \nand walk through the requests to view the entire process. \n \nNote --> The above POC does not store any data sent to the server, \nhowever it is suggested to use bogus credentials if testing this proof of \nconcept. \n \nSolution: \n \nThe following solution was suggested and implemented in Privoxy 3.0.21 \nstable. \n \nProxy authentication headers are removed unless the new directive \nenable-proxy-authentication-forwarding is used. Forwarding the headers \npotentionally allows malicious sites to trick the user into providing \nit with login information. \n \nReferences: \nPrivoxy 3.0.21 ChangeLog --> \nhttp://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup \n \nVulnerability Timeline: \n \nMarch 5, 2013 20:00 - Initial discovery of vulnerability \nMarch 6, 2013 14:48 > Emailed Privoxy developer list to request a \nsecurity contact \nMarch 6, 2013 15:26 < Received response with dedicated security contact \ninformation \nMarch 6, 2013 16:01 > Emailed details of the vulnerability to security \ncontact \nMarch 6, 2013 17:19 < Received response acknowledging issue. Fix \nindicated in upcoming release \nMarch 6, 2013 18:38 > Acknowledged receipt of email and advised of \nupdated CVSSv2 score \nMarch 7, 2013 15:50 < Received response detailing proposed fix, \nincluding link to CVS check-in of new code \nMarch 7, 2013 18:48 > Acknowledged receipt of email \nMarch 9, 2013 16:54 > Emailed CVE number to security contact and \nrequested information on release plans \nMarch 10, 2013 14:28 < Received confirmation of release timeline \nMarch 10, 2013 14:58 - Release of Privoxy 3.0.21 stable \nMarch 11, 2013 07:45 - Release of advisory \n \n-- \n-- \n\u0095 Chris John Riley \u0095 \n\u0095 http://blog.c22.cc \u0095 \n-- \n------------------------------------------ \nAll emails ROT-26 encrypted \n------------------------------------------ \n`\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/120752/privoxy-disclose.txt"}], "exploitdb": [{"lastseen": "2016-02-04T07:57:31", "description": "Privoxy Proxy Authentication Information Disclosure Vulnerabilities. CVE-2013-2503. Webapps exploit for php platform", "published": "2013-03-11T00:00:00", "type": "exploitdb", "title": "Privoxy Proxy Authentication Information Disclosure Vulnerabilities", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-2503"], "modified": "2013-03-11T00:00:00", "id": "EDB-ID:38377", "href": "https://www.exploit-db.com/exploits/38377/", "sourceData": "source: http://www.securityfocus.com/bid/58425/info\r\n\r\nPrivoxy is prone to multiple information-disclosure vulnerabilities.\r\n\r\nAttackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This may aid in further attacks.\r\n\r\nPrivoxy 3.0.20 is affected; other versions may also be vulnerable. \r\n\r\nResponse Code (current).: 407\r\n\r\nResponse Headers (as seen by your browser).:\r\n\r\nHTTP/1.1 407 Proxy Authentication Required\r\nDate: Mon, 11 Mar 2013 17:01:59 GMT\r\nServer: ./msfcli auxiliary/server/capture/http set SRVPORT=80\r\nProxy-Authenticate: Basic\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 571\r\nKeep-Alive: timeout=15, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\nRequest Headers (as seen by the remote website)\r\n\r\nHost: c22.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 5.1; rv:19.0) Gecko/20100101 Firefox/19.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.example.com/\r\nConnection: keep-alive\r\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/38377/"}], "nessus": [{"lastseen": "2021-01-06T10:57:12", "description": "Privoxy Developers reports :\n\nProxy authentication headers are removed unless the new directive\nenable-proxy-authentication-forwarding is used. Forwarding the headers\npotentially allows malicious sites to trick the user into providing\nthem with login information. Reported by Chris John Riley.", "edition": 24, "published": "2016-01-26T00:00:00", "title": "FreeBSD : privoxy -- malicious server spoofing as proxy vulnerability (ad82b0e9-c3d6-11e5-b5fe-002590263bf5)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "modified": "2016-01-26T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:privoxy", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_AD82B0E9C3D611E5B5FE002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/88152", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88152);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-2503\");\n\n script_name(english:\"FreeBSD : privoxy -- malicious server spoofing as proxy vulnerability (ad82b0e9-c3d6-11e5-b5fe-002590263bf5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Privoxy Developers reports :\n\nProxy authentication headers are removed unless the new directive\nenable-proxy-authentication-forwarding is used. Forwarding the headers\npotentially allows malicious sites to trick the user into providing\nthem with login information. Reported by Chris John Riley.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=176813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.privoxy.org/3.0.21/user-manual/whatsnew.html\"\n );\n # https://vuxml.freebsd.org/freebsd/ad82b0e9-c3d6-11e5-b5fe-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e5b1c40\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:privoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"privoxy<3.0.21\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T10:11:45", "description": "Common Vulnerabilities and Exposures assigned an identifier\nCVE-2013-2503 to the following vulnerability :\n\nPrivoxy before 3.0.21 does not properly handle Proxy-Authenticate and\nProxy-Authorization headers in the client-server data stream, which\nmakes it easier for remote HTTP servers to spoof the intended proxy\nservice via a 407 (aka Proxy Authentication Required) HTTP status\ncode.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-03-22T00:00:00", "title": "Fedora 17 : privoxy-3.0.21-1.fc17 (2013-3756)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "modified": "2013-03-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:privoxy"], "id": "FEDORA_2013-3756.NASL", "href": "https://www.tenable.com/plugins/nessus/65649", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3756.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65649);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2503\");\n script_bugtraq_id(58425);\n script_xref(name:\"FEDORA\", value:\"2013-3756\");\n\n script_name(english:\"Fedora 17 : privoxy-3.0.21-1.fc17 (2013-3756)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Common Vulnerabilities and Exposures assigned an identifier\nCVE-2013-2503 to the following vulnerability :\n\nPrivoxy before 3.0.21 does not properly handle Proxy-Authenticate and\nProxy-Authorization headers in the client-server data stream, which\nmakes it easier for remote HTTP servers to spoof the intended proxy\nservice via a 407 (aka Proxy Authentication Required) HTTP status\ncode.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://blog.c22.cc/2013/03/11/privoxy-proxy-authentication-credential-exposure-CVE-2013-2503/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b82e7d9e\"\n );\n # http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c03c036f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/100815.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f7122ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected privoxy package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:privoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"privoxy-3.0.21-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"privoxy\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T10:11:45", "description": "Common Vulnerabilities and Exposures assigned an identifier\nCVE-2013-2503 to the following vulnerability :\n\nPrivoxy before 3.0.21 does not properly handle Proxy-Authenticate and\nProxy-Authorization headers in the client-server data stream, which\nmakes it easier for remote HTTP servers to spoof the intended proxy\nservice via a 407 (aka Proxy Authentication Required) HTTP status\ncode.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-03-22T00:00:00", "title": "Fedora 18 : privoxy-3.0.21-1.fc18 (2013-3753)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "modified": "2013-03-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:privoxy"], "id": "FEDORA_2013-3753.NASL", "href": "https://www.tenable.com/plugins/nessus/65648", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3753.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65648);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2503\");\n script_bugtraq_id(58425);\n script_xref(name:\"FEDORA\", value:\"2013-3753\");\n\n script_name(english:\"Fedora 18 : privoxy-3.0.21-1.fc18 (2013-3753)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Common Vulnerabilities and Exposures assigned an identifier\nCVE-2013-2503 to the following vulnerability :\n\nPrivoxy before 3.0.21 does not properly handle Proxy-Authenticate and\nProxy-Authorization headers in the client-server data stream, which\nmakes it easier for remote HTTP servers to spoof the intended proxy\nservice via a 407 (aka Proxy Authentication Required) HTTP status\ncode.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://blog.c22.cc/2013/03/11/privoxy-proxy-authentication-credential-exposure-CVE-2013-2503/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b82e7d9e\"\n );\n # http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/ChangeLog?revision=1.188&view=markup\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c03c036f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/100822.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9415a75\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected privoxy package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:privoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"privoxy-3.0.21-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"privoxy\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-20T12:26:26", "description": "privoxy was updated to 3.0.21 stable fo fix CVE-2013-2503 (bnc#809123)\n\n - changes in 3.0.21\n\n - On POSIX-like platforms, network sockets with file\n descriptor values above FD_SETSIZE are properly\n rejected. Previously they could cause memory corruption\n in configurations that allowed the limit to be reached.\n\n - Proxy authentication headers are removed unless the new\n directive enable-proxy-authentication-forwarding is\n used. Forwarding the headers potentionally allows\n malicious sites to trick the user into providing them\n with login information. Reported by Chris John Riley.\n\n - Compiles on OS/2 again now that unistd.h is only\n included on platforms that have it.\n\n - The show-status page shows the\n FEATURE_STRPTIME_SANITY_CHECKS status.\n\n - A couple of assert()s that could theoretically\n dereference NULL pointers in debug builds have been\n relocated.\n\n - Added an LSB info block to the generic start script.\n Based on a patch from Natxo Asenjo.\n\n - The max-client-connections default has been changed to\n 128 which should be more than enough for most setups.\n\n - Block rover.ebay./ar.*\\&adtype= instead of\n '/.*\\&adtype=' which caused too man false positives.\n Reported by u302320 in #360284, additional feedback from\n Adam Piggott.\n\n - Unblock '.advrider.com/' and '/.*ADVrider'. Anonymously\n reported in #3603636.\n\n - Stop blocking '/js/slider\\.js'. Reported by Adam Piggott\n in #3606635 and _lvm in #2791160.\n\n - Added an iframes filter.\n\n - The whole GPLv2 text is included in the user manual now,\n so Privoxy can serve it itself and the user can read it\n without having to wade through GPLv3 ads first.\n\n - Properly numbered and underlined a couple of section\n titles in the config that where previously overlooked\n due to a flaw in the conversion script. Reported by Ralf\n Jungblut.\n\n - Improved the support instruction to hopefully make it\n harder to unintentionally provide insufficient\n information when requesting support. Previously it\n wasn't obvious that the information we need in bug\n reports is usually also required in support requests.\n\n - Removed documentation about packages that haven't been\n provided in years.\n\n - Only log the test number when not running in verbose\n mode The position of the test is rarely relevant and it\n previously\n\n - for full list of changes see ChangeLog file shipped\n together with this package", "edition": 18, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : privoxy (openSUSE-2013-242)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2503"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:privoxy-debuginfo", "p-cpe:/a:novell:opensuse:privoxy-debugsource", "cpe:/o:novell:opensuse:12.2", "p-cpe:/a:novell:opensuse:privoxy"], "id": "OPENSUSE-2013-242.NASL", "href": "https://www.tenable.com/plugins/nessus/74941", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-242.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74941);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-2503\");\n\n script_name(english:\"openSUSE Security Update : privoxy (openSUSE-2013-242)\");\n script_summary(english:\"Check for the openSUSE-2013-242 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"privoxy was updated to 3.0.21 stable fo fix CVE-2013-2503 (bnc#809123)\n\n - changes in 3.0.21\n\n - On POSIX-like platforms, network sockets with file\n descriptor values above FD_SETSIZE are properly\n rejected. Previously they could cause memory corruption\n in configurations that allowed the limit to be reached.\n\n - Proxy authentication headers are removed unless the new\n directive enable-proxy-authentication-forwarding is\n used. Forwarding the headers potentionally allows\n malicious sites to trick the user into providing them\n with login information. Reported by Chris John Riley.\n\n - Compiles on OS/2 again now that unistd.h is only\n included on platforms that have it.\n\n - The show-status page shows the\n FEATURE_STRPTIME_SANITY_CHECKS status.\n\n - A couple of assert()s that could theoretically\n dereference NULL pointers in debug builds have been\n relocated.\n\n - Added an LSB info block to the generic start script.\n Based on a patch from Natxo Asenjo.\n\n - The max-client-connections default has been changed to\n 128 which should be more than enough for most setups.\n\n - Block rover.ebay./ar.*\\&adtype= instead of\n '/.*\\&adtype=' which caused too man false positives.\n Reported by u302320 in #360284, additional feedback from\n Adam Piggott.\n\n - Unblock '.advrider.com/' and '/.*ADVrider'. Anonymously\n reported in #3603636.\n\n - Stop blocking '/js/slider\\.js'. Reported by Adam Piggott\n in #3606635 and _lvm in #2791160.\n\n - Added an iframes filter.\n\n - The whole GPLv2 text is included in the user manual now,\n so Privoxy can serve it itself and the user can read it\n without having to wade through GPLv3 ads first.\n\n - Properly numbered and underlined a couple of section\n titles in the config that where previously overlooked\n due to a flaw in the conversion script. Reported by Ralf\n Jungblut.\n\n - Improved the support instruction to hopefully make it\n harder to unintentionally provide insufficient\n information when requesting support. Previously it\n wasn't obvious that the information we need in bug\n reports is usually also required in support requests.\n\n - Removed documentation about packages that haven't been\n provided in years.\n\n - Only log the test number when not running in verbose\n mode The position of the test is rarely relevant and it\n previously\n\n - for full list of changes see ChangeLog file shipped\n together with this package\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809123\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected privoxy packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:privoxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:privoxy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:privoxy-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"privoxy-3.0.21-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"privoxy-debuginfo-3.0.21-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"privoxy-debugsource-3.0.21-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"privoxy-3.0.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"privoxy-debuginfo-3.0.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"privoxy-debugsource-3.0.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"privoxy-3.0.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"privoxy-debuginfo-3.0.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"privoxy-debugsource-3.0.21-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"privoxy\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2503"], "description": "\nPrivoxy Developers reports:\n\nProxy authentication headers are removed unless the new directive\n\t enable-proxy-authentication-forwarding is used. Forwarding the\n\t headers potentially allows malicious sites to trick the user into\n\t providing them with login information. Reported by Chris John Riley.\n\t \n\n", "edition": 4, "modified": "2013-03-07T00:00:00", "published": "2013-03-07T00:00:00", "id": "AD82B0E9-C3D6-11E5-B5FE-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/ad82b0e9-c3d6-11e5-b5fe-002590263bf5.html", "title": "privoxy -- malicious server spoofing as proxy vulnerability", "type": "freebsd", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2503"], "description": "Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has applicat ion for both stand-alone systems and multi-user networks. Privoxy is based on the Internet Junkbuster. ", "modified": "2013-03-22T00:39:23", "published": "2013-03-22T00:39:23", "id": "FEDORA:5EF9821389", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: privoxy-3.0.21-1.fc18", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2503"], "description": "Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has applicat ion for both stand-alone systems and multi-user networks. Privoxy is based on the Internet Junkbuster. ", "modified": "2013-03-22T00:33:57", "published": "2013-03-22T00:33:57", "id": "FEDORA:4761920FB4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: privoxy-3.0.21-1.fc17", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}]}

Privoxy &lt; 3.0.21 Multiple Information Disclosure Vulnerabilities

Description

Privoxy < 3.0.21 Multiple Information Disclosure Vulnerabilities