CVE-2005-2729

high

Description

The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/22021

http://www.securityfocus.com/bid/14665

http://secunia.com/advisories/16578/

http://marc.info/?l=bugtraq&m=112501186602731&w=2

Details

Source: Mitre, NVD

Published: 2005-08-30

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.042