CVE-2002-0714

EPSS 0.17%
Veröffentlicht 26.07.2002 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Squid ≫ Squid Version <= 2.4.stable6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.17%	0.352

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.squid-cache.org/Versions/v2/2.4/bugs/

Patch

http://rhn.redhat.com/errata/RHSA-2002-051.html

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txt

http://marc.info/?l=bugtraq&m=102674543407606&w=2

http://rhn.redhat.com/errata/RHSA-2002-130.html

Patch

Vendor Advisory

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.php

Patch

http://www.squid-cache.org/Advisories/SQUID-2002_3.txt

Patch

Vendor Advisory

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000506

http://www.iss.net/security_center/static/9479.php

http://www.osvdb.org/5924

http://www.securityfocus.com/bid/5158

https://nvd.nist.gov/vuln/detail/CVE-2002-0714

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0714

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0714

EUVD