Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-1999-0710

Published: 25/07/1999 Updated: 03/05/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Redhat

Vulnerability Summary

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote malicious users to use it as an intermediary to connect to other systems.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat linux 6.0

redhat linux 5.2

Vendor Advisories

Red Hat: squid security update
Synopsis squid security update Type/Severity Security Advisory: Low Topic An updated squid package that fixes several security issues is now availableThis update has been rated as having low security impact by the Red HatSecurity Response Team Description Squid is a full-featured Web prox ...
Red Hat: squid security update
Synopsis squid security update Type/Severity Security Advisory: Low Topic An updated squid package that fixes several security issues is now availableThis update has been rated as having low security impact by the Red HatSecurity Response Team Description Squid is a full-featured Web prox ...
Debian Security Advisories: DSA-576-1 squid -- several vulnerabilities
Several security vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache The Common Vulnerabilities and Exposures project identifies the following problems: CVE-1999-0710 It is possible to bypass access lists and scan arbitrary hosts and ports in the network through cachemgrcgi, which is inst ...

Exploits

Exploit DB: Squid Web Proxy 2.2 - 'cachemgr.cgi' Unauthorized Connection
source: wwwsecurityfocuscom/bid/2059/info The 'cachemgrcgi' module is a management interface for the Squid proxy service It was installed by default in '/cgi-bin' by Red Hat Linux 52 and 60 installed with Squid This script prompts for a host and port, which it then tries to connect to If a webserver such as Apache is running, this c ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/archives/rh52-errata-general.html#squidhttp://www.debian.org/security/2004/dsa-576http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.htmlhttp://fedoranews.org/updates/FEDORA--.shtmlhttp://www.redhat.com/support/errata/RHSA-1999-025.htmlhttp://www.redhat.com/support/errata/RHSA-2005-489.htmlhttp://www.securityfocus.com/bid/2059https://exchange.xforce.ibmcloud.com/vulnerabilities/2385https://access.redhat.com/errata/RHSA-2005:489https://nvd.nist.govhttps://www.exploit-db.com/exploits/20465/https://www.debian.org/security/./dsa-576
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525CVE-2024-4652CVE-2024-1438CVE-2024-4671CVE-2024-34351arbitrary CVE-2024-4650SQL injectionoverflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook