Vulnerability Report

CVE-2005-2729

Title: Astaro Security Linux

Other

Proof Of Concept

PoC Available for CVE-2005-2729

CWE Category NVD-CWE-noinfo

Published Date Aug 30, 2005

Modified Date Apr 03, 2025

Exploit Status Available

Score 7.5 CVSS v2.0

Exploit Probability (EPSS)

1.95%

Vulnerability Summary

CVE-2005-2729: The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.

Impacted Vendors

astaro 1

Reference Links

http://marc.info/?l=bugtraq&m=112501186602731&w=2 http://secunia.com/advisories/16578/ http://www.securityfocus.com/bid/14665 https://exchange.xforce.ibmcloud.com/vulnerabilities/22021 http://marc.info/?l=bugtraq&m=112501186602731&w=2 http://secunia.com/advisories/16578/ http://www.securityfocus.com/bid/14665 https://exchange.xforce.ibmcloud.com/vulnerabilities/22021

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.5

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2005-2729 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/26198

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

August 30, 2005 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.