CVE-2009-0804 - OpenCVE

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:N/AC:H/Au:N/C:C/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ziproxy	Ziproxy

Configuration 1 [-]

cpe:2.3:a:ziproxy:ziproxy:2.6.0:*:*:*:*:*:*:*

References

Link	Resource
http://www.kb.cert.org/vuls/id/435052	Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-7N9GN8	Vendor Advisory
http://www.securityfocus.com/bid/33858

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:24:10

Updated: 2022-10-03T16:24:10

Reserved: 2022-10-03T00:00:00

Link: CVE-2009-0804

JSON object: View

NVD Information

Status : Analyzed

Published: 2009-03-04T16:30:00.250

Modified: 2009-06-18T04:00:00.000

Link: CVE-2009-0804

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:24:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "33858", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33858"}, {"name": "VU#435052", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/435052"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-7N9GN8"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0804", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33858", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33858"}, {"name": "VU#435052", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/435052"}, {"name": "http://www.kb.cert.org/vuls/id/MAPG-7N9GN8", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-7N9GN8"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0804", "datePublished": "2022-10-03T16:24:10", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:24:10", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ziproxy:ziproxy:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B9CB5B52-3848-4206-BDAD-3D947DAE7B47", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."}, {"lang": "es", "value": "Cuando el modo de interceptaci\u00f3n transparente est\u00e1 activado en Ziproxy 2.6.0, usa la cabecera Host de HTTP para determinar el destino, lo que permite a atacantes remotos saltarse el control de acceso para Flash, Java y Silverlight, y probablemente otras tecnolog\u00edas, posiblemente podr\u00edan comunicarse con sitios restringidos de la Intranet, a trav\u00e9s de una p\u00e1gina Web manipulada que provoca que un cliente env\u00ede peticiones con un cabecera Host modificada."}], "id": "CVE-2009-0804", "lastModified": "2009-06-18T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-03-04T16:30:00.250", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/435052"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.kb.cert.org/vuls/id/MAPG-7N9GN8"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/33858"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}