EUVD-2007-3826

Malware in sbrugna...

EUVD-2007-2962

Malware in sbrugna...

8E6 Technologies R3000 Host Header Internet Filter Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30541/info 8e6 Technologies R3000 Internet Filter is prone to a vulnerability that allows attackers to bypass URI filters. Attackers can exploit this issue by sending specially crafted HTTP request packets for an arbitrar...

8E6 R3000 Internet Filter 2.0.5.33 URI Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27309/info 8e6 R3000 Internet Filter is prone to a vulnerability that allows attackers to bypass URI filters. Attackers can exploit this issue by sending specially crafted HTTP request packets for an arbitrary website...

8E6科技R3000 Internet过滤器Host头绕过检测漏洞

BUGTRAQ ID: 30541 8e6科技的R3000上网行为管理系统是软硬件集成的系统，允许管理者能有效控制与管理互联网用户的上网行为。 R3000 Internet过滤器所提供的HTTP URL过滤功能没有正确的验证Host头，用户可以访问设备设置了访问限制的网站。但用户无法利用这个漏洞绕过基于IP地址的过滤限制。 8E6 Technologies R3000 Internet Filter 2.0.12.10 8E6 Technologies ---------------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

8e6 Technologies R3000 Internet Filter URL filtering bypass

Stateful-filtering is not used. X-DecoyHost header may be used to bypass filtering...

8e6 Technologies R3000 Internet Filter Bypass with Host Decoy

8e6 Technologies R3000 Internet Filter Bypass with Host Decoy Product: 8e6 Technologies R3000 Internet Filter http://www.8e6.com/network-security/internet-filtering/internet-filtering.html The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter contains a...

CVE-2008-3494

The CVE-2008-3494 entry concerns the 8e6 R3000 Internet Filter version 2.0.12.10. The issue is a header-parsing bypass: remote attackers can bypass intended restrictions by sending an extra HTTP Host header with leading text before the real Host header. This is caused by how the filter parses the...

8E6 Technologies R3000 - Host Header Internet Filter Security Bypass

8E6 Technologies R3000 - Host Header Internet Filter Security Bypass source: https://www.securityfocus.com/bid/30541/info 8e6 Technologies R3000 Internet Filter is prone to a vulnerability that allows attackers to bypass URI filters. Attackers can exploit this issue by sending specially crafted...

8E6 Technologies R3000 - Host Header Internet Filter Security Bypass

source: https://www.securityfocus.com/bid/30541/info 8e6 Technologies R3000 Internet Filter is prone to a vulnerability that allows attackers to bypass URI filters. Attackers can exploit this issue by sending specially crafted HTTP request packets for an arbitrary website. Successful exploits all...

8e6-bypass.txt

8e6 Technologies R3000 Internet Filter Bypass by Request Split Product: 8e6 Technologies R3000 Internet Filter http://www.8e6.com/network-security/internet-filtering/internet-filtering.html The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter can be bypassed by...

8e6 Technologies R3000 Internet Filter Bypass by Request Split

8e6 Technologies R3000 Internet Filter Bypass by Request Split Product: 8e6 Technologies R3000 Internet Filter http://www.8e6.com/network-security/internet-filtering/internet-filtering.html The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter can be bypassed by...

8E6 R3000 Internet Filter 2.0.5.33 - URI SecURIty Bypass

source: https://www.securityfocus.com/bid/27309/info 8e6 R3000 Internet Filter is prone to a vulnerability that allows attackers to bypass URI filters. Attackers can exploit this issue by sending specially crafted HTTP request packets for an arbitrary website. Successful exploits allow attackers ...

Cross site scripting

Cross-site scripting XSS vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970...

CVE-2007-3842

Cross-site scripting XSS vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970...

CVE-2007-3842

CVE-2007-3842 (and related CVE-2007-2970) describes multiple cross-site scripting (XSS) flaws in the 8e6 R3000 Internet Filter/Enterprise Filter. The vulnerable component is cgi/block.cgi, with exploitation via the (1) URL, (2) CAT, and (3) USER parameters, enabling remote attackers to inject arb...

CVE-2007-3842

Cross-site scripting XSS vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in cgi/block.cgi in 8e6 R3000 Internet Filter allow remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 CAT, and 3 USER parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

CVE-2007-2970

Multiple cross-site scripting XSS vulnerabilities in cgi/block.cgi in 8e6 R3000 Internet Filter allow remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 CAT, and 3 USER parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

CVE-2007-2970

CVE-2007-2970 corresponds to XSS in the 8e6 R3000 Internet Filter / Enterprise Filter (cgi/block.cgi) that allows remote attacker-injected scripts via the (1) URL, (2) CAT, and (3) USER parameters. Related records (CVE-2007-3842) describe the same family of vulnerability and state the affected pr...