Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2632

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2012-2632
Last Modified 18 Jun 2012 12:00:00
Published 15 Jun 2012 03:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2012-2632

Summary

SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which allows remote attackers to bypass intended URL restrictions via a TCP session.

Vulnerable Systems

Operating System

  • Seil B1 Firmware 2.30

  • Seil B1 Firmware 2.40

  • Seil B1 Firmware 2.41

  • Seil B1 Firmware 2.42

  • Seil B1 Firmware 2.50

  • Seil B1 Firmware 2.51

  • Seil B1 Firmware 2.52

  • Seil B1 Firmware 2.60

  • Seil B1 Firmware 2.61

  • Seil B1 Firmware 2.62

  • Seil B1 Firmware 2.63

  • Seil B1 Firmware 2.70

  • Seil B1 Firmware 2.72

  • Seil B1 Firmware 2.73

  • Seil B1 Firmware 2.74

  • Seil B1 Firmware 2.75

  • Seil B1 Firmware 3.01

  • Seil B1 Firmware 3.02

  • Seil B1 Firmware 3.10

  • Seil B1 Firmware 3.11

  • Seil B1 Firmware 3.12

  • Seil B1 Firmware 3.13

  • Seil B1 Firmware 3.20

  • Seil B1 Firmware 3.21

  • Seil B1 Firmware 3.30

  • Seil B1 Firmware 3.31

  • Seil B1 Firmware 3.40

  • Seil B1 Firmware 3.41

  • Seil B1 Firmware 3.50

  • Seil B1 Firmware 3.51

  • Seil B1 Firmware 3.60

  • Seil B1 Firmware 3.70

  • Seil B1 Firmware 3.71

  • Seil B1 Firmware 3.75

  • Seil X86 Firmware 1.00

  • Seil X86 Firmware 1.61


References

CONFIRM - http://www.seil.jp/support/security/a01232.html

JVNDB - JVNDB-2012-000059

JVN - JVN#24646833


Last Updated: 27 May 2016 10:56:32