CVE-2002-0067

Published Mar 8, 2002

Last updated 8 years ago

Overview

Description: Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "169C4A52-3191-423A-97C9-0E86A8D8160E",
            "versionEndIncluding": "2.4_stable_2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References