CVE-2005-2729

Description

The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.

Affected products

• astaro / security_linux6.001 – 6.001

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/16578/
• MAILING_LISThttp://marc.info/?l=bugtraq&m=112501186602731&w=2
• MISChttp://www.securityfocus.com/bid/14665
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22021