FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

privoxy -- malicious server spoofing as proxy vulnerability

Affected packages
privoxy < 3.0.21


VuXML ID ad82b0e9-c3d6-11e5-b5fe-002590263bf5
Discovery 2013-03-07
Entry 2016-01-26

Privoxy Developers reports:

Proxy authentication headers are removed unless the new directive enable-proxy-authentication-forwarding is used. Forwarding the headers potentially allows malicious sites to trick the user into providing them with login information. Reported by Chris John Riley.


CVE Name CVE-2013-2503
FreeBSD PR ports/176813