WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T21:05:25.625Z
Reserved: 2005-02-10T00:00:00
Link: CVE-2005-0316

No data.

Status : Modified
Published: 2005-01-28T05:00:00.000
Modified: 2024-11-20T23:54:52.473
Link: CVE-2005-0316

No data.