Computer Security
[EN] no-pyccku

Privoxy information leakage
SecurityVulns ID:12946
Threat Level:
Description:Proxy-Authenticate and Proxy-Authorization headers are not filtered, making it possible to hijack authentication information.
CVE:CVE-2013-2503 (Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.)
Original documentdocumentcontact_(at), Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503 (13.03.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod