Back to search
CVE-2003-1286
Published: Nov 22, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.sambar.com/security.htm
x_refsource_CONFIRM
10256
vdb-entry
x_refsource_BID
sambar-http-gain-access(16054)
vdb-entry
x_refsource_XF
9578
third-party-advisory
x_refsource_SECUNIA
1007819
vdb-entry
x_refsource_SECTRACK
20030925 Sambar Server Multiple Vulnerabilities
third-party-advisory
x_refsource_IDEFENSE
20040430 SECURITY.NNOV: Sambar security quest
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now