Vulnerabilities > CVE-1999-1481 - Unspecified vulnerability in National Science Foundation Squid web Proxy

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
national-science-foundation
exploit available
NVD
Published: 1999-12-31
Updated: 2017-10-10

Summary

Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.

Vulnerable Configurations

Part Description Count
Application
National_Science_Foundation
5

Exploit-Db

descriptionNational Science Foundation Squid Web Proxy 1.0/1.1/2.1 Authentication Failure. CVE-1999-1481. Remote exploit for linux platform
idEDB-ID:19567
last seen2016-02-02
modified1999-10-25
published1999-10-25
reporterOezguer Kesim
sourcehttps://www.exploit-db.com/download/19567/
titleNational Science Foundation Squid Web Proxy 1.0/1.1/2.1 - Authentication Failure

References