Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1481

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-1999-1481
Last Modified 07 Mar 2011 09:02:13
Published 31 Dec 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1481

Summary

Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.

Vulnerable Systems

Application

  • National Science Foundation Squid Web Proxy 1.0

  • National Science Foundation Squid Web Proxy 1.0novm

  • National Science Foundation Squid Web Proxy 1.1

  • National Science Foundation Squid Web Proxy 2.1

  • National Science Foundation Squid Web Proxy 2.2


References

XF - squid-proxy-auth-access(3433)

CONFIRM - http://www.squid-cache.org/Versions/v2/2.2/bugs/

BID - 741

BUGTRAQ - 19991025 [squid] exploit for external authentication problem

BUGTRAQ - 19991103 [squid]exploit for external authentication problem


Last Updated: 27 May 2016 10:51:53