CVE-2002-0714

EPSS 0.17%
Published 26.07.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Squid ≫ Squid Version <= 2.4.stable6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.17%	0.352

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.squid-cache.org/Versions/v2/2.4/bugs/

Patch

http://rhn.redhat.com/errata/RHSA-2002-051.html

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txt

http://marc.info/?l=bugtraq&m=102674543407606&w=2

http://rhn.redhat.com/errata/RHSA-2002-130.html

Patch

Vendor Advisory

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php

Patch

http://www.squid-cache.org/Advisories/SQUID-2002_3.txt

Patch

Vendor Advisory

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506

http://www.iss.net/security_center/static/9479.php

http://www.osvdb.org/5924

http://www.securityfocus.com/bid/5158

https://nvd.nist.gov/vuln/detail/CVE-2002-0714

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0714

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0714

EUVD