CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6982

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://3proxy.ru/0.5.3g/Changelog.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/38205
http://3proxy.ru/0.5.3g/Changelog.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/38205

Products affected by CVE-2006-6982

3proxy » 3proxy » Version: 0.5

cpe:2.3:a:3proxy:3proxy:0.5
3proxy » 3proxy » Version: 0.5.1

cpe:2.3:a:3proxy:3proxy:0.5.1
3proxy » 3proxy » Version: 0.5.2

cpe:2.3:a:3proxy:3proxy:0.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6982

Products

Pricing

Contact Us