WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-02-10T05:00:00
Updated: 2024-08-07T21:05:25.625Z
Reserved: 2005-02-10T00:00:00
Link: CVE-2005-0316
Vulnrichment
No data.
NVD
Status : Modified
Published: 2005-01-28T05:00:00.000
Modified: 2024-11-20T23:54:52.473
Link: CVE-2005-0316
Redhat
No data.