| Vulnerability Name: | CVE-2002-0715 (CCN-9478) | ||||||||
| Assigned: | 2002-07-03 | ||||||||
| Published: | 2002-07-03 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CALDERA Type: UNKNOWN CSSA-2002-046.0 Source: CCN Type: SCO Security Advisory CSSA-2003-SCO.9 Buffer overflows and other security vulnerabilities in Squid Source: MITRE Type: CNA CVE-2002-0715 Source: CCN Type: Conectiva Linux Announcement CLSA-2002:506 squid Source: BUGTRAQ Type: UNKNOWN 20020715 TSLSA-2002-0062 - squid Source: CCN Type: RHSA-2002-051 New Squid packages available Source: REDHAT Type: UNKNOWN RHSA-2002:051 Source: CCN Type: RHSA-2002-130 squid security update Source: REDHAT Type: Patch, Vendor Advisory RHSA-2002:130 Source: XF Type: UNKNOWN squid-auth-header-forwarding(9478) Source: MANDRAKE Type: Patch MDKSA-2002:044 Source: BID Type: UNKNOWN 5154 Source: CCN Type: BID-5154 Squid Proxy Authentication Credential Forwarding Information Disclosure Vulnerability Source: CCN Type: Squid Proxy Cache Security Update Advisory SQUID-2002:3 Squid Proxy Cache Security Update Advisory Source: CONFIRM Type: Patch, Vendor Advisory http://www.squid-cache.org/Advisories/SQUID-2002_3.txt Source: CONFIRM Type: Patch http://www.squid-cache.org/Versions/v2/2.4/bugs/ Source: XF Type: UNKNOWN squid-auth-header-forwarding(9478) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||