CVE-2003-1286
published 2003-12-31CVE-2003-1286: HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the…
PriorityP333high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.37%
87.3th percentile
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
| sambar | sambar_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.htmlhttp://secunia.com/advisories/9578http://securitytracker.com/id?1007819http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=truehttp://www.sambar.com/security.htmhttp://www.securityfocus.com/bid/10256https://exchange.xforce.ibmcloud.com/vulnerabilities/16054http://archives.neohapsis.com/archives/bugtraq/2004-04/0353.htmlhttp://secunia.com/advisories/9578http://securitytracker.com/id?1007819http://www.idefense.com/application/poi/display?id=103&type=vulnerabilities&flashstatus=truehttp://www.sambar.com/security.htmhttp://www.securityfocus.com/bid/10256https://exchange.xforce.ibmcloud.com/vulnerabilities/16054
2003-12-31
Published