Sambar Server Proxy IP Filter Bypass

2003-09-25T05:43:49
ID OSVDB:5780
Type osvdb
Reporter 3apa3a(3APA3A@security.nnov.ru)
Modified 2003-09-25T05:43:49

Description

Vulnerability Description

Sambar Server contains a flaw that may allow a malicious user to circumvent proxy access restrictions. The issue is triggered when an attacker sends a specially crafted HTTP/1.1 request. The flaw may allow unauthorized access, resulting in a loss of integrity and/or availability.

Solution Description

Upgrade to version 6.0.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

$ nc [victim] 80
GET / HTTP/1.1

GET http://www.example.com HTTP/1.1

References:

Vendor Specific Advisory URL
Security Tracker: 1007819
Secunia Advisory ID: 9578
Related OSVDB ID: 5781
Related OSVDB ID: 5785
Related OSVDB ID: 5782
Related OSVDB ID: 5783
Related OSVDB ID: 5784
Related OSVDB ID: 5786
Other Advisory URL: http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=108335071417386&w=2
ISS X-Force ID: 13305
CVE-2003-1286
Bugtraq ID: 10256