CVE-2005-2729
First published: Mon Aug 29 2005(Updated: )
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos Astaro Security Gateway | =6.001 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-2729?
CVE-2005-2729 is considered to have a medium severity level due to its potential for exposing local services through the HTTP proxy.
How do I fix CVE-2005-2729?
To fix CVE-2005-2729, ensure that all HTTP CONNECT requests are properly filtered and not allowed to reach localhost.
What systems are affected by CVE-2005-2729?
CVE-2005-2729 specifically affects Astaro Security Linux version 6.0.1.
What is the impact of CVE-2005-2729?
The impact of CVE-2005-2729 is that it allows remote attackers to bypass firewall rules and access local services.
Can CVE-2005-2729 be exploited remotely?
Yes, CVE-2005-2729 can be exploited remotely due to improper filtering of HTTP CONNECT requests by the proxy.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/astaro
- canonical/sophos astaro security gateway
- version/sophos astaro security gateway/6.001