Unrated severityNVD Advisory· Published Jul 26, 2002· Updated Apr 16, 2026

CVE-2002-0714

Description

FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.

Affected products

Squid (software)/Squid
cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*
Range: <=2.4.stable6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rhn.redhat.com/errata/RHSA-2002-130.htmlnvdPatchVendor Advisory
www.linux-mandrake.com/en/security/2002/MDKSA-2002-044.phpnvdPatch
www.squid-cache.org/Advisories/SQUID-2002_3.txtnvdPatchVendor Advisory
www.squid-cache.org/Versions/v2/2.4/bugs/nvdPatch
ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-046.0.txtnvd
distro.conectiva.com.br/atualizacoes/nvd
marc.infonvd
rhn.redhat.com/errata/RHSA-2002-051.htmlnvd
www.iss.net/security_center/static/9479.phpnvd
www.osvdb.org/5924nvd
www.securityfocus.com/bid/5158nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000