0.5.2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

3proxy

NVD

Published: 2007-02-08

Updated: 2024-11-21

Summary

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials.

Vulnerable Configurations

Part	Description	Count
Application	3Proxy 3Proxy 3Proxy 0.5.1 3Proxy 3Proxy 0.5 3Proxy 3Proxy 0.5.2	3

References

http://3proxy.ru/0.5.3g/Changelog.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/38205
http://3proxy.ru/0.5.3g/Changelog.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/38205