CVE-2004-2479

Sažetak

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.

Reference

http://fedoranews.org/updates/FEDORA--.shtml
http://secunia.com/advisories/13408
http://secunia.com/advisories/16977
http://securitytracker.com/id?1012466
http://www.osvdb.org/12282
http://www.redhat.com/support/errata/RHSA-2005-766.html
http://www.securityfocus.com/bid/11865
http://www.squid-cache.org/bugs/show_bug.cgi?id=1143
https://exchange.xforce.ibmcloud.com/vulnerabilities/18406
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-10-2017 - 01:29

Objavljeno

31-12-2004 - 05:00