Computer Security
Squid / McAfee Web Gateway URL filtering bypass
Published: 19.04.2012
Source:
SecurityVulns ID: 12324
Type: remote
Threat Level: 4/10
Description: The server trusts the Host: header in a CONNECT request.
Affected: SQUID : squid 3.1
 MCAFEE : McAfee Web Gateway 7.0
CVE: CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and the observed behavior is consistent with a squid.conf file that was (perhaps inadvertently) designed to allow access based on a "req_header Host" acl regex that matches www.uol.com.br.)
 CVE-2012-2212 (** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher did not provide configuration details for the vulnerable system, and the observed behavior might be consistent with a configuration that was (perhaps inadvertently) designed to allow access based on Host HTTP headers.)
Original document: Gabriel Menezes Nunes, Squid URL Filtering Bypass (19.04.2012)
 Gabriel Menezes Nunes, McAfee Web Gateway URL Filtering Bypass (19.04.2012)
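
An added example (not from the advisory, the researcher or either vendor): a Python check that a defender could run over captured proxy requests to flag the condition the description names, a CONNECT request whose Host header names a different host than the CONNECT target. The function names and the `.example` requests are constructed for illustration.

```python
from typing import NamedTuple, Optional


class ConnectCheck(NamedTuple):
    target_host: str            # host taken from the CONNECT request-target
    host_header: Optional[str]  # host taken from the Host header, if exactly one
    consistent: bool            # False when a Host-based policy could diverge


def _host_of(value: str) -> str:
    """Return the normalised host of 'host', 'host:port' or '[v6]:port'."""
    value = value.strip()
    if value.startswith("["):                      # bracketed IPv6 literal
        host = value[1:].partition("]")[0]
    else:
        host = value.rsplit(":", 1)[0] if ":" in value else value
    return host.rstrip(".").lower()                # ignore case and trailing dot


def check_connect(raw: bytes) -> ConnectCheck:
    """Compare the CONNECT target with the Host header of one raw request."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    if method.upper() != "CONNECT":
        raise ValueError("not a CONNECT request")
    target_host = _host_of(target)
    hosts = [h.split(":", 1)[1] for h in header_lines
             if h.lower().startswith("host:")]
    if not hosts:                                  # nothing to disagree with
        return ConnectCheck(target_host, None, True)
    if len(hosts) > 1:                             # ambiguous: treat as suspect
        return ConnectCheck(target_host, None, False)
    host_header = _host_of(hosts[0])
    return ConnectCheck(target_host, host_header, host_header == target_host)


# Constructed sample requests (hypothetical hosts, not captured traffic).
SAMPLES = {
    "match": b"CONNECT blocked.example:443 HTTP/1.1\r\n"
             b"Host: blocked.example:443\r\n\r\n",
    "mismatch": b"CONNECT blocked.example:443 HTTP/1.1\r\n"
                b"Host: allowed.example\r\n\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, check_connect(raw))
```

A filtering policy for CONNECT that is evaluated against the request target (the destination the tunnel actually reaches) rather than the Host header does not depend on the two values agreeing.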

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod