Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0710 — Redhat Linux vulnerability

11 documents8 sources

Severity

7.5HIGHNVD

EPSS

12.6%

top 6.02%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Squid Redhat Linux

Timeline

PublishedJul 25

Latest updateApr 30

Description

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debiansquid/squid< 2.5.7-1+3

▶NVDredhat/linux5.2, 6.0+1

🔴Vulnerability Details

GHSA

GHSA-qhrx-x4p7-jr4j: The Squid package in Red Hat Linux 5↗2022-04-30

▶

CVEList

CVE-1999-0710: The Squid package in Red Hat Linux 5↗2000-01-04

▶

OSV

CVE-1999-0710: The Squid package in Red Hat Linux 5↗1999-07-25

▶

💥Exploits & PoCs

Exploit-DB

Squid Web Proxy 2.2 - 'cachemgr.cgi' Unauthorized Connection↗1999-07-23

▶

📋Vendor Advisories

Red Hat

security flaw↗1999-07-25

▶

Debian

CVE-1999-0710: squid - The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, install...↗1999

▶

💬Community

Bugzilla

CVE-1999-0710 security flaw↗2018-08-16

▶

Bugzilla

CVE-1999-0710 cachemgr.cgi access control bypass↗2005-04-28

▶

Bugzilla

CVE-1999-0710 cachemgr.cgi access control bypass↗2005-04-28

▶

Bugzilla

Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345↗2004-10-11

▶