Lucene search

[email protected]NVD:CVE-2005-2729

HistoryAug 30, 2005 - 11:45 a.m.

CVE-2005-2729

2005-08-3011:45:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.044

Percentile

92.5%

JSON

The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.

Affected configurations

Nvd

Node

astarosecurity_linuxMatch6.001

VendorProductVersionCPE
astarosecurity_linux6.001cpe:2.3:o:astaro:security_linux:6.001:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
astaro	security_linux	6.001	cpe:2.3:o:astaro:security_linux:6.001:::::::*

References

marc.info/?l=bugtraq&m=112501186602731&w=2

secunia.com/advisories/16578/

www.securityfocus.com/bid/14665

exchange.xforce.ibmcloud.com/vulnerabilities/22021

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.044

Percentile

92.5%

JSON

Related for NVD:CVE-2005-2729

exploitdb1 cvelist1 cve1