CVE Vulnerabilities

CVE-2005-0316

Published: Jan 28, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.

Affected Software

Name Vendor Start Version End Version
Webwasher_classic Webwasher 2.2.1 2.2.1
Webwasher_classic Webwasher 3.3 3.3

References