Privoxy Proxy Authentication Information Disclosure Vulnerabilities
BID:58425
Info
Privoxy Proxy Authentication Information Disclosure Vulnerabilities
| Bugtraq ID: | 58425 |
| Class: | Access Validation Error |
| CVE: |
CVE-2013-2503 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 11 2013 12:00AM |
| Updated: | Apr 16 2015 05:43PM |
| Credit: | Chris John Riley |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Privoxy Proxy Authentication Information Disclosure Vulnerabilities
Privoxy is prone to multiple information-disclosure vulnerabilities.
Attackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This may aid in further attacks.
Privoxy 3.0.20 is affected; other versions may also be vulnerable.
Privoxy is prone to multiple information-disclosure vulnerabilities.
Attackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This may aid in further attacks.
Privoxy 3.0.20 is affected; other versions may also be vulnerable.
Exploit / POC
Privoxy Proxy Authentication Information Disclosure Vulnerabilities
The following proof-of-concept is available:
The following proof-of-concept is available:
Solution / Fix
Privoxy Proxy Authentication Information Disclosure Vulnerabilities
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Privoxy Proxy Authentication Information Disclosure Vulnerabilities
References:
References:
- Privoxy Homepage (Privoxy)