ID CVE-2002-0067
Summary Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
References
Vulnerable Configurations
  • cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2016 - 02:15)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2002:029
refmap via4
bid 4150
bugtraq
  • 20020221 Squid HTTP Proxy Security Update Advisory 2002:1
  • 20020222 TSLSA-2002-0031 - squid
caldera CSSA-2002-SCO.7
conectiva CLA-2002:464
confirm http://www.squid-cache.org/Versions/v2/2.4/bugs/
freebsd FreeBSD-SA-02:12
mandrake MDKSA-2002:016
osvdb 5379
xf squid-htcp-enabled(8261)
Last major update 18-10-2016 - 02:15
Published 08-03-2002 - 05:00
Last modified 18-10-2016 - 02:15