CVE-2002-0714
N/A
N/A
Summary
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://marc.info/?l=bugtraq&m=102674543407606&w=2
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txt
- http://www.squid-cache.org/Versions/v2/2.4/bugs/
- http://rhn.redhat.com/errata/RHSA-2002-051.html
- http://www.squid-cache.org/Advisories/SQUID-2002_3.txt
- http://rhn.redhat.com/errata/RHSA-2002-130.html
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php
- http://www.securityfocus.com/bid/5158
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506
- http://www.iss.net/security_center/static/9479.php
- http://www.osvdb.org/5924
References
- http://marc.info/?l=bugtraq&m=102674543407606&w=2
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txt
- http://www.squid-cache.org/Versions/v2/2.4/bugs/
- http://rhn.redhat.com/errata/RHSA-2002-051.html
- http://www.squid-cache.org/Advisories/SQUID-2002_3.txt
- http://rhn.redhat.com/errata/RHSA-2002-130.html
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php
- http://www.securityfocus.com/bid/5158
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506
- http://www.iss.net/security_center/static/9479.php
- http://www.osvdb.org/5924
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.