CVE-1999-0710

Squid - Open Redirect

Title source: llm

Description

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.

Exploits (1)

exploitdb WORKING POC VERIFIED

by fsaa · bashremotecgi

https://www.exploit-db.com/exploits/20465

View Code ZIP pw:eip

References (8)

[Vendor Advisory] http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-1999-025.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2005-489.html

[Vendor Advisory] http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/2385

[Mailing List] http://fedoranews.org/updates/FEDORA--.shtml

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/2059

[Third Party Advisory] http://www.debian.org/security/2004/dsa-576

Scores

EPSS 0.1263

EPSS Percentile 94.0%

Details

Status published

Products (2)

redhat/linux 5.2

redhat/linux 6.0

Published Jul 25, 1999

Tracked Since Feb 18, 2026