Lucene search

MitreCVE-2003-1286

HistoryNov 22, 2005 - 2:00 a.m.

CVE-2003-1286

2005-11-2202:00:00

mitre

web.nvd.nist.gov

cve-2003-1286

http proxy

sambar server

security.ini

remote attackers

proxy requests

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.07

Percentile

94.0%

JSON

HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server’s administrative interface and external web servers, by making a “Connection: keep-alive” request before the proxy requests.

Affected configurations

Nvd

Node

sambarsambar_serverMatch5.0

sambarsambar_serverMatch5.0beta1

sambarsambar_serverMatch5.0beta2

sambarsambar_serverMatch5.0beta3

sambarsambar_serverMatch5.0beta4

sambarsambar_serverMatch5.0beta5

sambarsambar_serverMatch5.0beta6

sambarsambar_serverMatch5.1

sambarsambar_serverMatch5.1beta1

sambarsambar_serverMatch5.1beta2

sambarsambar_serverMatch5.1beta3

sambarsambar_serverMatch5.1beta4

sambarsambar_serverMatch5.1beta5

sambarsambar_serverMatch5.2

sambarsambar_serverMatch5.3

sambarsambar_serverMatch6.0beta1

sambarsambar_serverMatch6.0beta2

sambarsambar_serverMatch6.0beta3

sambarsambar_serverMatch6.0beta4

sambarsambar_serverMatch6.0beta5

VendorProductVersionCPE
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:*:*:*:*:*:*:*
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:beta1:*:*:*:*:*:*
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:beta2:*:*:*:*:*:*
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:beta3:*:*:*:*:*:*
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:beta4:*:*:*:*:*:*
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:beta5:*:*:*:*:*:*
sambarsambar_server5.0cpe:2.3:a:sambar:sambar_server:5.0:beta6:*:*:*:*:*:*
sambarsambar_server5.1cpe:2.3:a:sambar:sambar_server:5.1:*:*:*:*:*:*:*
sambarsambar_server5.1cpe:2.3:a:sambar:sambar_server:5.1:beta1:*:*:*:*:*:*
sambarsambar_server5.1cpe:2.3:a:sambar:sambar_server:5.1:beta2:*:*:*:*:*:*

Vendor	Product	Version	CPE
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:::::::*
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:beta1::::::
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:beta2::::::
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:beta3::::::
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:beta4::::::
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:beta5::::::
sambar	sambar_server	5.0	cpe:2.3:a:sambar:sambar_server:5.0:beta6::::::
sambar	sambar_server	5.1	cpe:2.3:a:sambar:sambar_server:5.1:::::::*
sambar	sambar_server	5.1	cpe:2.3:a:sambar:sambar_server:5.1:beta1::::::
sambar	sambar_server	5.1	cpe:2.3:a:sambar:sambar_server:5.1:beta2::::::

Rows per page:

1-10 of 201

References

archives.neohapsis.com/archives/bugtraq/2004-04/0353.html

secunia.com/advisories/9578

securitytracker.com/id?1007819

www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=true

www.sambar.com/security.htm

www.securityfocus.com/bid/10256

exchange.xforce.ibmcloud.com/vulnerabilities/16054

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.07

Percentile

94.0%

JSON

Related for CVE-2003-1286