HTTP Proxy Bypass Vulnerability in Sambar Server before 6.0 beta 6

HTTP Proxy Bypass Vulnerability in Sambar Server before 6.0 beta 6

CVE-2003-1286 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.

Learn more about our Web App Pen Testing.