Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-2503

Опубликовано: 11 мар. 2013
Источник: nvd
CVSS2: 5.8
EPSS Низкий

Описание

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:privoxy:privoxy:*:beta:*:*:*:*:*:*
Версия до 3.0.20 (включая)
cpe:2.3:a:privoxy:privoxy:2.9.0:pre-alpha:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.1:pre-alpha:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.2:pre-alpha:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.3:pre-alpha:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.11:alpha:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.11:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.11:pre-alpha:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.12:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.13:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.14:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.16:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:2.9.18:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.5:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.7:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.9:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.13:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.14:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.15:beta:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.16:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.17:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.18:*:*:*:*:*:*:*
cpe:2.3:a:privoxy:privoxy:3.0.19:*:*:*:*:*:*:*

EPSS

Процентиль: 87%
0.03483
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2013-2503

ubuntu
почти 13 лет назад

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.

redhat логотип

CVE-2013-2503

redhat
почти 13 лет назад

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.

debian логотип

CVE-2013-2503

debian
почти 13 лет назад

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and ...

github логотип

GHSA-xwv2-6j43-gjcx

github
больше 3 лет назад

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.

EPSS

Процентиль: 87%
0.03483
Низкий

5.8 Medium

CVSS2

Дефекты

CWE-20