var-200904-0328
Vulnerability from variot
Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header. Proxy servers running in interception mode ("transparent" proxies) that make connection decisions based on HTTP header values may be used by an attacker to relay connections. Multiple HTTP proxy implementations are prone to an information-disclosure vulnerability related to the interpretation of the 'Host' HTTP header. Specifically, this issue occurs when the proxy makes a forwarding decision based on the 'Host' HTTP header instead of the destination IP address. Attackers may exploit this issue to obtain sensitive information such as internal intranet webpages. Additional attacks may also be possible.
SOLUTION: As a workaround, the vendor recommends to "configure Guardian to block their internal web servers without passwords using hostname and IPaddress". ----------------------------------------------------------------------
Did you know? Our assessment and impact rating along with detailed information such as exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?
Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/
Click here to trial our solutions: http://secunia.com/advisories/try_vi/
TITLE: Ziproxy HTTP "Host:" Header Security Bypass
SECUNIA ADVISORY ID: SA34018
VERIFY ADVISORY: http://secunia.com/advisories/34018/
DESCRIPTION: A security issue has been reported in Ziproxy, which can be exploited by malicious people to bypass certain security restrictions. This can be exploited to e.g. access restricted websites or bypass a browser's security context protection mechanism by sending HTTP requests with a forged HTTP "Host:" header.
Successful exploitation requires that the attacker can forge the HTTP "Host:" header (e.g. via active content).
The security issue is reported in version 2.6.0. Other versions may also be affected.
SOLUTION: The vendor recommends to use a proxy server with better security capabilities between clients and Ziproxy. Use a firewall to restrict access to untrusted websites.
PROVIDED AND/OR DISCOVERED BY: US-CERT credits Robert Auger, PayPal Information Risk Management team.
ORIGINAL ADVISORY: US-CERT VU#435052: http://www.kb.cert.org/vuls/id/435052
http://www.kb.cert.org/vuls/id/MAPG-7N9GN8
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
SOLUTION: The vendor has published workarounds
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200904-0328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "proxysg sg210-10",
"scope": "eq",
"trust": 1.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg210-25",
"scope": "eq",
"trust": 1.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg510-10",
"scope": "eq",
"trust": 1.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg810-10",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg va-20",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": "*"
},
{
"model": "proxysg va-5",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": "*"
},
{
"model": "proxysg sg810-25",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg510-20",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg810-20",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg510-25",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": "*"
},
{
"model": "proxysg va-10",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": "*"
},
{
"model": "proxysg sg210-5",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg9000-5",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg9000-10",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg810-5",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg sg9000-20",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg va-15",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": "*"
},
{
"model": "proxysg sg510-5",
"scope": "eq",
"trust": 1.0,
"vendor": "bluecoat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "astaro",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet initiative",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qbik new zealand",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "smoothwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "squid",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ziproxy",
"version": null
},
{
"model": "proxysg",
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": "proxysg va-5",
"scope": null,
"trust": 0.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg va-15",
"scope": null,
"trust": 0.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg va-10",
"scope": null,
"trust": 0.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "proxysg va-20",
"scope": null,
"trust": 0.6,
"vendor": "bluecoat",
"version": null
},
{
"model": "ziproxy",
"scope": "eq",
"trust": 0.3,
"vendor": "ziproxy",
"version": "2.6"
},
{
"model": "mac orchard dansguardian",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "0"
},
{
"model": "web proxy cache pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "squid",
"version": "3.0"
},
{
"model": "web proxy cache pre2",
"scope": "eq",
"trust": 0.3,
"vendor": "squid",
"version": "3.0"
},
{
"model": "web proxy cache pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "squid",
"version": "3.0"
},
{
"model": "web proxy cache",
"scope": "eq",
"trust": 0.3,
"vendor": "squid",
"version": "3.0"
},
{
"model": "web proxy cache 3.0.stable7",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable6",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable5",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable4",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable3",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable2",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable13",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable12",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 3.0.stable1",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 2.7.stable6",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache 2.7.stable5",
"scope": null,
"trust": 0.3,
"vendor": "squid",
"version": null
},
{
"model": "web proxy cache",
"scope": "eq",
"trust": 0.3,
"vendor": "squid",
"version": "2.7"
},
{
"model": "smoothguardian",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2008"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.5.2"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.2.2"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.2.1"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.1.4.1099"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.1.3.1096"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.1.2.1094"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.1.1.1077"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.31005"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.21001"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.21000"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.1995"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.1993"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.0"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.2"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "funkwerk",
"version": "0"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "bloxx",
"scope": "eq",
"trust": 0.3,
"vendor": "bloxx",
"version": "0"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.404"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.402"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.302"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.301"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.3"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.006"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7.005"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7"
},
{
"model": "ziproxy",
"scope": "ne",
"trust": 0.3,
"vendor": "ziproxy",
"version": "2.7"
},
{
"model": "mac orchard dansguardian",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "2.10.1.1"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "funkwerk",
"version": "1.95.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#435052"
},
{
"db": "BID",
"id": "33858"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:bluecoat:proxysg",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Robert Auger from the PayPal Information Risk Management team",
"sources": [
{
"db": "BID",
"id": "33858"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
}
],
"trust": 0.9
},
"cve": "CVE-2009-1211",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-1211",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1211",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#435052",
"trust": 0.8,
"value": "3.54"
},
{
"author": "NVD",
"id": "CVE-2009-1211",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200904-012",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#435052"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header. Proxy servers running in interception mode (\"transparent\" proxies) that make connection decisions based on HTTP header values may be used by an attacker to relay connections. Multiple HTTP proxy implementations are prone to an information-disclosure vulnerability related to the interpretation of the \u0027Host\u0027 HTTP header. Specifically, this issue occurs when the proxy makes a forwarding decision based on the \u0027Host\u0027 HTTP header instead of the destination IP address. \nAttackers may exploit this issue to obtain sensitive information such as internal intranet webpages. Additional attacks may also be possible. \n\nSOLUTION:\nAs a workaround, the vendor recommends to \"configure Guardian to\nblock their internal web servers without passwords using hostname and\nIPaddress\". ----------------------------------------------------------------------\n\nDid you know? Our assessment and impact rating along with detailed\ninformation such as exploit code availability, or if an updated patch\nis released by the vendor, is not part of this mailing-list?\n \nClick here to learn more about our commercial solutions:\nhttp://secunia.com/advisories/business_solutions/\n \nClick here to trial our solutions:\nhttp://secunia.com/advisories/try_vi/\n\n----------------------------------------------------------------------\n\nTITLE:\nZiproxy HTTP \"Host:\" Header Security Bypass\n\nSECUNIA ADVISORY ID:\nSA34018\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/34018/\n\nDESCRIPTION:\nA security issue has been reported in Ziproxy, which can be exploited\nby malicious people to bypass certain security restrictions. This can be\nexploited to e.g. access restricted websites or bypass a browser\u0027s\nsecurity context protection mechanism by sending HTTP requests with a\nforged HTTP \"Host:\" header. \n\nSuccessful exploitation requires that the attacker can forge the HTTP\n\"Host:\" header (e.g. via active content). \n\nThe security issue is reported in version 2.6.0. Other versions may\nalso be affected. \n\nSOLUTION:\nThe vendor recommends to use a proxy server with better security\ncapabilities between clients and Ziproxy. Use a firewall to restrict\naccess to untrusted websites. \n\nPROVIDED AND/OR DISCOVERED BY:\nUS-CERT credits Robert Auger, PayPal Information Risk Management\nteam. \n\nORIGINAL ADVISORY:\nUS-CERT VU#435052:\nhttp://www.kb.cert.org/vuls/id/435052\n\nhttp://www.kb.cert.org/vuls/id/MAPG-7N9GN8\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nSOLUTION:\nThe vendor has published workarounds",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1211"
},
{
"db": "CERT/CC",
"id": "VU#435052"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "BID",
"id": "33858"
},
{
"db": "PACKETSTORM",
"id": "75119"
},
{
"db": "PACKETSTORM",
"id": "75100"
},
{
"db": "PACKETSTORM",
"id": "75126"
},
{
"db": "PACKETSTORM",
"id": "75099"
},
{
"db": "PACKETSTORM",
"id": "75373"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1211",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#435052",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1021781",
"trust": 2.4
},
{
"db": "BID",
"id": "33858",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "34064",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2009-0582",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "34014",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "34020",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "34018",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "34019",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "75119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75100",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75126",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75099",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75373",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#435052"
},
{
"db": "BID",
"id": "33858"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "PACKETSTORM",
"id": "75119"
},
{
"db": "PACKETSTORM",
"id": "75100"
},
{
"db": "PACKETSTORM",
"id": "75126"
},
{
"db": "PACKETSTORM",
"id": "75099"
},
{
"db": "PACKETSTORM",
"id": "75373"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"id": "VAR-200904-0328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.19642857
},
"last_update_date": "2024-11-23T19:39:34.819000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ProxySG_in_transparent_deployments",
"trust": 0.8,
"url": "https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-16",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securitytracker.com/id?1021781"
},
{
"trust": 2.0,
"url": "https://hypersonic.bluecoat.com/support/securityadvisories/proxysg_in_transparent_deployments"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/435052"
},
{
"trust": 0.8,
"url": "http://www.thesecuritypractice.com/the_security_practice/transparentproxyabuse.pdf"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2616.txt"
},
{
"trust": 0.8,
"url": "http://www.webappsec.org/lists/websecurity/archive/2008-06/msg00073.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/reading_room/securing_browser/"
},
{
"trust": 0.8,
"url": "http://kb.adobe.com/selfservice/viewcontent.do?externalid=tn_14213"
},
{
"trust": 0.8,
"url": "http://www.w3.org/protocols/rfc2616/rfc2616-sec9.html"
},
{
"trust": 0.8,
"url": "http://www.owasp.org/index.php/testing_for_http_methods_and_xst_(owasp-cm-008)#black_box_testing_and_example"
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/w/index.php?title=list_of_tcp_and_udp_port_numbers\u0026oldid=266934839"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1211"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu435052/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1211"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/34064"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/33858"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2009/0582"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/try_vi/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.cgisecurity.com/2009/07/more-products-identified-using-vulnerable-transparent-proxy-architecture.html"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.net/products/smoothguardian2008/"
},
{
"trust": 0.3,
"url": "http://www.thesecuritypractice.com/the_security_practice/2009/03/socket-capable-browser-plugins-result-in-transparent-proxy-abuse.html"
},
{
"trust": 0.3,
"url": "http://www.squid-cache.org/"
},
{
"trust": 0.3,
"url": "http://www.wingate.com/"
},
{
"trust": 0.3,
"url": "http://ziproxy.sourceforge.net/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34014/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/mapg-7m6sm7"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34020/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34018/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/mapg-7n9gn8"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34019/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34064/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#435052"
},
{
"db": "BID",
"id": "33858"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "PACKETSTORM",
"id": "75119"
},
{
"db": "PACKETSTORM",
"id": "75100"
},
{
"db": "PACKETSTORM",
"id": "75126"
},
{
"db": "PACKETSTORM",
"id": "75099"
},
{
"db": "PACKETSTORM",
"id": "75373"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#435052"
},
{
"db": "BID",
"id": "33858"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"db": "PACKETSTORM",
"id": "75119"
},
{
"db": "PACKETSTORM",
"id": "75100"
},
{
"db": "PACKETSTORM",
"id": "75126"
},
{
"db": "PACKETSTORM",
"id": "75099"
},
{
"db": "PACKETSTORM",
"id": "75373"
},
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#435052"
},
{
"date": "2009-02-23T00:00:00",
"db": "BID",
"id": "33858"
},
{
"date": "2010-08-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"date": "2009-02-23T14:11:04",
"db": "PACKETSTORM",
"id": "75119"
},
{
"date": "2009-02-23T12:27:14",
"db": "PACKETSTORM",
"id": "75100"
},
{
"date": "2009-02-24T15:54:02",
"db": "PACKETSTORM",
"id": "75126"
},
{
"date": "2009-02-23T12:27:11",
"db": "PACKETSTORM",
"id": "75099"
},
{
"date": "2009-03-04T15:05:53",
"db": "PACKETSTORM",
"id": "75373"
},
{
"date": "2009-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"date": "2009-04-01T10:30:00.407000",
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#435052"
},
{
"date": "2013-09-28T00:16:00",
"db": "BID",
"id": "33858"
},
{
"date": "2010-08-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002544"
},
{
"date": "2009-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200904-012"
},
{
"date": "2024-11-21T01:01:55.193000",
"db": "NVD",
"id": "CVE-2009-1211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intercepting proxy servers may incorrectly rely on HTTP headers to make connections",
"sources": [
{
"db": "CERT/CC",
"id": "VU#435052"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "configuration error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200904-012"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.