Ergebnis für URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034 [1]CVE
[2](BUTTON) CVE List▾
[3]CVE List Search [4]Search Tips [5]CVE Request Web Form [6]Web Form Help [7]PGP
Key [8]CVE List Documents & Guidance [9]Terms of Use
[10](BUTTON) CNAs▾
[11]CVE Numbering Authorities (CNAs) [12]Participating CNAs [13]CNA Documents,
Policies & Guidance [14]CNA Rules, Version 3.0 [15]New CNA Onboarding [16]Slides
& Videos [17]How to Become a CNA
[18](BUTTON) WGs▾
[19]CVE Working Groups [20]Automation (AWG) [21]CNA Coordination (CNACWG)
[22]Outreach and Communications (OCWG) [23]CVE Quality (QWG) [24]Strategic
Planning (SPWG) [25]Tactical (TWG)
[26](BUTTON) Board▾
[27]CVE Board [28]Members [29]Email Archives [30]Meeting Archives [31]Board
Charter
[32](BUTTON) About▾
[33]About CVE [34]Professional Code of Conduct [35]CVE & NVD Relationship
[36]History [37]Sponsor [38]Documentation & Guidance [39]FAQs [40]Terminology
[41](BUTTON) News & Blog▾
[42]Latest CVE News [43]Blog [44]Podcast [45]Calendar [46]Archive [47]Follow CVE
[48]Free CVE Newsletter [49]CVEnew Twitter Feed Twitter [50]CVEannounce Twitter
Feed Twitter [51]CVE on Medium Medium [52]CVE on LinkedIn LinkedIn [53]CVEProject
on GitHub GitHub [54]CVE on YouTube YouTube
[55]Search CVE List
[56]Downloads
[57]Data Feeds
[58]Update a CVE Record
[59]Request CVE IDs
TOTAL CVE Records: [60]233151
NOTICE: Transition to the all-new CVE website at [61]WWW.CVE.ORG and [62]CVE
Record Format JSON are underway.
NOTICE: Legacy CVE download formats [63]deprecation is now underway and will end
on June 30, 2024.
New CVE List download format is [64]available now.
[65]Home > [66]CVE > CVE-2007-5034
¿
CVE-ID
CVE-2007-5034
[67]Learn more at National Vulnerability Database (NVD)
o CVSS Severity Rating o Fix Information o Vulnerable Software Versions o SCAP
Mappings o CPE Information
Description
ELinks before 0.11.3, when sending a POST request for an https URL, appends the
body and content headers of the POST request to the CONNECT request in cleartext,
which allows remote attackers to sniff sensitive data that would have been
protected by TLS. NOTE: this issue only occurs when a proxy is defined for https.
References
Note: [68]References are provided for the convenience of the reader to help
distinguish between vulnerabilities. The list is not intended to be complete.
* BID:25799
* [69]URL:http://www.securityfocus.com/bid/25799
* BUGTRAQ:20071005 rPSA-2007-0209-1 elinks
* [70]URL:http://www.securityfocus.com/archive/1/481606/100/0/threaded
* [71]CONFIRM:http://bugzilla.elinks.cz/show_bug.cgi?id=937
* [72]CONFIRM:https://bugs.launchpad.net/ubuntu/+source/elinks/+bug/141018
* [73]CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=297981
* DEBIAN:DSA-1380
* [74]URL:http://www.debian.org/security/2007/dsa-1380
* FEDORA:FEDORA-2007-2224
* [75]URL:https://www.redhat.com/archives/fedora-package-announce/2007-Septembe
r/msg00335.html
* FEDORA:FEDORA-2007-710
* [76]URL:https://www.redhat.com/archives/fedora-package-announce/2007-October/
msg00079.html
* OVAL:oval:org.mitre.oval:def:10335
* [77]URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.m
itre.oval%3Adef%3A10335
* REDHAT:RHSA-2007:0933
* [78]URL:http://www.redhat.com/support/errata/RHSA-2007-0933.html
* SECTRACK:1018764
* [79]URL:http://www.securitytracker.com/id?1018764
* SECUNIA:26936
* [80]URL:http://secunia.com/advisories/26936
* SECUNIA:26949
* [81]URL:http://secunia.com/advisories/26949
* SECUNIA:26956
* [82]URL:http://secunia.com/advisories/26956
* SECUNIA:27038
* [83]URL:http://secunia.com/advisories/27038
* SECUNIA:27062
* [84]URL:http://secunia.com/advisories/27062
* SECUNIA:27125
* [85]URL:http://secunia.com/advisories/27125
* SECUNIA:27132
* [86]URL:http://secunia.com/advisories/27132
* UBUNTU:USN-519-1
* [87]URL:http://www.ubuntu.com/usn/usn-519-1
* VUPEN:ADV-2007-3278
* URL:[DEL: http://www.vupen.com/english/advisories/2007/3278 :DEL] (Obsolete
source)
Assigning CNA
Canonical Ltd.
Date Record Created
20070921 Disclaimer: The [88]record creation date may reflect when the CVE ID was
allocated or reserved, and does not necessarily indicate when this vulnerability
was discovered, shared with the affected vendor, publicly disclosed, or updated
in CVE.
Phase (Legacy)
Assigned (20070921)
Votes (Legacy)
Comments (Legacy)
Proposed (Legacy)
N/A
This is an record on the [89]CVE List, which provides common identifiers for
publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: ____________________ Submit
You can also search by reference using the [90]CVE Reference Maps.
For More Information: [91]CVE Request Web Form (select "Other" from dropdown)
[92]Back to top
[93]Site Map | [94]Terms of Use | [95]Privacy Policy | [96]Contact Us | Follow
CVE [97]Twitter [98]LinkedIn [99]GitHub [100]YouTube [101]Medium
[102]Search CVE Website
Use of the CVE® List and the associated references from this website are subject
to the [103]terms of use. CVE is sponsored by the [104]U.S. Department of
Homeland Security (DHS) [105]Cybersecurity and Infrastructure Security Agency
(CISA). Copyright © 1999-2024, [106]The MITRE Corporation. CVE and the CVE logo
are registered trademarks of The MITRE Corporation.
References
Visible links:
1. https://cve.mitre.org/index.html
2. https://www.cve.org/
3. https://cve.mitre.org/cve/search_cve_list.html
4. https://cve.mitre.org/find/search_tips.html
5. https://cveform.mitre.org/
6. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_form
7. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_formweb_form_encrypt_requests
8. https://www.cve.org/ResourcesSupport/Resources
9. https://www.cve.org/Legal/TermsOfUse
10. https://www.cve.org/ProgramOrganization/CNAs
11. https://www.cve.org/ProgramOrganization/CNAs
12. https://www.cve.org/PartnerInformation/ListofPartners
13. https://www.cve.org/ResourcesSupport/Resources#CVENumberingAuthorities
14. https://www.cve.org/ResourcesSupport/AllResources/CNARules
15. https://www.cve.org/PartnerInformation/Partner#CNA
16. https://www.cve.org/ResourcesSupport/Resources#cnaOnboarding
17. https://www.cve.org/PartnerInformation/Partner#HowToBecomeAPartner
18. https://www.cve.org/ProgramOrganization/WorkingGroups
19. https://www.cve.org/ProgramOrganization/WorkingGroups
20. https://www.cve.org/ProgramOrganization/WorkingGroups#AutomationWorkingGroupAWG
21. https://www.cve.org/ProgramOrganization/WorkingGroups#CNACoordinationWorkingGroupCNACWG
22. https://www.cve.org/ProgramOrganization/WorkingGroups#OutreachandCommunicationsWorkingGroupOCWG
23. https://www.cve.org/ProgramOrganization/WorkingGroups#QualityWorkingGroupQWG
24. https://www.cve.org/ProgramOrganization/WorkingGroups#StrategicPlanningWorkingGroupSPWG
25. https://www.cve.org/ProgramOrganization/WorkingGroups#TacticalWorkingGroup
26. https://www.cve.org/ProgramOrganization/Board
27. https://www.cve.org/ProgramOrganization/Board
28. https://www.cve.org/ProgramOrganization/Board#Members
29. https://cve.mitre.org/community/board/archive.html#board_mail_list_archive
30. https://cve.mitre.org/community/board/archive.html#meeting_summaries
31. https://www.cve.org/ProgramOrganization/Board#Resources
32. https://www.cve.org/About/Overview
33. https://www.cve.org/About/Overview
34. https://www.cve.org/ResourcesSupport/AllResources/ProfessionalCodeOfConduct
35. https://www.cve.org/ResourcesSupport/FAQs#pc_introcve_nvd_relationship
36. https://www.cve.org/About/History
37. https://www.cve.org/ResourcesSupport/FAQs#pc_introwho_owns_cve
38. https://www.cve.org/ResourcesSupport/Resources
39. https://www.cve.org/ResourcesSupport/FAQs
40. https://www.cve.org/ResourcesSupport/Glossary
41. https://www.cve.org/Media/News/AllNews
42. https://www.cve.org/Media/News/AllNews
43. https://www.cve.org/Media/News/Blogs
44. https://www.cve.org/Media/News/Podcasts
45. https://www.cve.org/Media/Events
46. https://cve.mitre.org/news/archives/index.html
47. https://cve.mitre.org/cve/data_feeds.html
48. https://www.cve.org/Media/News/NewsletterSignup
49. https://twitter.com/CVEnew/
50. https://twitter.com/CVEannounce/
51. https://medium.com/@CVE_Program
52. https://www.linkedin.com/company/cve-program
53. https://github.com/CVEProject
54. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
55. https://cve.mitre.org/cve/search_cve_list.html
56. https://www.cve.org/Downloads
57. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_list_basicscve_list_data_feeds
58. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#UpdateCVERecord
59. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#RequestCVEID
60. https://www.cve.org/
61. https://www.cve.org/
62. https://www.cve.org/Media/News/item/blog/2022/10/06/CVE-Records-Are-Now-Displayed
63. https://medium.com/@cve_program/phase-3-of-legacy-cve-download-formats-deprecation-now-underway-15c27faa4456
64. https://www.cve.org/Media/News/item/blog/2023/03/29/CVE-Downloads-in-JSON-5-Format
65. https://cve.mitre.org/
66. https://cve.mitre.org/cve/
67. https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5034
68. https://cve.mitre.org/data/refs/index.html
69. http://www.securityfocus.com/bid/25799
70. http://www.securityfocus.com/archive/1/481606/100/0/threaded
71. http://bugzilla.elinks.cz/show_bug.cgi?id=937
72. https://bugs.launchpad.net/ubuntu/+source/elinks/+bug/141018
73. https://bugzilla.redhat.com/show_bug.cgi?id=297981
74. http://www.debian.org/security/2007/dsa-1380
75. https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00335.html
76. https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00079.html
77. https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10335
78. http://www.redhat.com/support/errata/RHSA-2007-0933.html
79. http://www.securitytracker.com/id?1018764
80. http://secunia.com/advisories/26936
81. http://secunia.com/advisories/26949
82. http://secunia.com/advisories/26956
83. http://secunia.com/advisories/27038
84. http://secunia.com/advisories/27062
85. http://secunia.com/advisories/27125
86. http://secunia.com/advisories/27132
87. http://www.ubuntu.com/usn/usn-519-1
88. https://cve.mitre.org/about/faqs.html#date_record_created_in_cve_record
89. https://cve.mitre.org/cve/
90. https://cve.mitre.org/data/refs/index.html
91. https://cveform.mitre.org/
92. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034#top
93. https://cve.mitre.org/sitemap.html
94. https://www.cve.org/Legal/TermsOfUse
95. https://www.cve.org/Legal/PrivacyPolicy
96. https://cveform.mitre.org/
97. https://twitter.com/CVEnew/
98. https://www.linkedin.com/company/cve-program
99. https://github.com/CVEProject
100. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
101. https://medium.com/@cve_program
102. https://cve.mitre.org/find/index.html
103. https://cve.mitre.org/about/termsofuse.html
104. https://www.dhs.gov/
105. https://www.dhs.gov/cisa/cybersecurity-division/
106. https://www.mitre.org/
Hidden links:
108. https://cve.mitre.org/index.html
Usage: http://www.kk-software.de/kklynxview/get/URL
e.g. http://www.kk-software.de/kklynxview/get/http://www.kk-software.de
Errormessages are in German, sorry ;-)