CVE-2005-2729
Astaro Security Linux 6.0 - Unauthenticated Firewall Bypass via HTTP CONNECT Request
Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-2729. PoCs published by Oliver Karow.
AI-analyzed exploit summary: This exploit leverages a weakness in Astaro Security Linux to bypass access controls by connecting to arbitrary ports via a CONNECT request to port 8080. It demonstrates SSRF-like behavior to access internal services.
Description
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.
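One way to express the missing check, as an added example (not Astaro's code and not taken from the advisory): a Python function that vets a CONNECT request line and refuses any target that lands on the proxy host itself, including names that resolve there. The port allowlist, the gateway address 192.0.2.1 and all function names are assumptions made for the illustration.

```python
import ipaddress
import socket

ALLOWED_PORTS = {443}                                # assumed policy: tunnels to HTTPS only
GATEWAY_ADDRS = {ipaddress.ip_address("192.0.2.1")}  # constructed: the proxy host's own address

def system_resolve(host):
    """Resolve a name to its addresses with the system resolver."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})

def parse_connect(request_line):
    """Return (host, port) from 'CONNECT host:port HTTP/1.x', else None."""
    parts = request_line.split()
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        return None
    host, sep, port = parts[1].rpartition(":")
    if not sep or not host or not port.isdecimal():
        return None
    if host.startswith("[") and host.endswith("]"):  # bracketed IPv6 literal
        host = host[1:-1]
    return host.lower().rstrip("."), int(port)

def is_local(ip):
    """True for addresses that terminate on the proxy host itself."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                          # ::ffff:127.0.0.1 -> 127.0.0.1
    return ip.is_loopback or ip.is_unspecified or ip in GATEWAY_ADDRS

def vet_connect(request_line, resolve=system_resolve):
    """Return (ip, port) the proxy may dial, or None to refuse the tunnel."""
    target = parse_connect(request_line)
    if target is None or target[1] not in ALLOWED_PORTS:
        return None
    host, port = target
    try:
        addrs = [ipaddress.ip_address(host)]         # literal address in the request
    except ValueError:
        try:                                         # a name: judge what it resolves to
            addrs = [ipaddress.ip_address(a) for a in resolve(host)]
        except (OSError, ValueError):
            return None
    if not addrs or any(is_local(a) for a in addrs):
        return None
    # Dial the vetted address itself; resolving again later could give a different answer.
    return str(addrs[0]), port
```

The decision is made on the resolved address rather than the string in the request, so alternative spellings of the local host are refused along with `localhost` itself.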