174 matches found
CVE-2015-5004
The Edge Component Caching Proxy in IBM WebSphere Application Server WAS 8.0 before 8.0.0.12 and 8.5 before 8.5.5.8 does not properly encrypt data, which allows remote authenticated users to obtain sensitive information via unspecified vectors...
Information disclosure
The Edge Component Caching Proxy in IBM WebSphere Application Server WAS 8.0 before 8.0.0.12 and 8.5 before 8.5.5.8 does not properly encrypt data, which allows remote authenticated users to obtain sensitive information via unspecified vectors...
CVE-2015-5004
The Edge Component Caching Proxy in IBM WebSphere Application Server WAS 8.0 before 8.0.0.12 and 8.5 before 8.5.5.8 does not properly encrypt data, which allows remote authenticated users to obtain sensitive information via unspecified vectors...
CVE-2015-5004
CVE-2015-5004 affects IBM WebSphere Application Server Edge Component Caching Proxy. The vulnerability could allow a remote authenticated attacker to obtain sensitive information due to improper encryption. Affected are IBM WebSphere Application Server versions 8.0 (pre-8.0.0.12) and 8.5 (pre-8.5...
IBM WebSphere Caching Proxy Server 5.0 2 Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10651/info A denial of service vulnerability is reported in the Caching Proxy component bundled with the IBM Websphere Edge Server. It is reported that if the proxy is configured with the JunctionRewrite directive in...
IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6002/info A vulnerability has been reported in the Caching Proxy component bundled with IBM WebSphere Edge Server. The vulnerability is due to inadequate checks when processing HTTP headers. An attacker can exploit this...
IBM Websphere Edge Server 3.69/4.0 HTTP Header Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6001/info A vulnerability has been discovered in the Caching Proxy component bundled with the IBM Websphere Edge Server. Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct ...
IBM Websphere Edge Server 3.6/4.0 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6000/info A vulnerability has been discoverered in the Caching Proxy component bundled with the IBM Websphere Edge Server. It has been reported that the Caching Proxy is vulnerable to cross site scripting attacks. Due to...
CVE-2013-4522
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
UBUNTU-CVE-2013-4522
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
Design/Logic Flaw
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
CVE-2013-4522
CVE-2013-4522 affects Moodle: lib/filelib.php (various 2.2–2.5 branches) fails to send Cache-Control: private headers, enabling a caching proxy to serve previously retrieved files and potentially expose sensitive information. Impact is information exposure via cached responses; no exploit details...
CVE-2013-4522
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
IBM Edge Components Caching Proxy XSS Followup
Rapid7 probably found this vulnerability on October 23 2002 http://seclists.org/fulldisclosure/2002/Oct/330 and its called CVE- 2002-1167 They don't show the output and specify it is error message but the injection method is the same. The update is it works on IBM Edge Components Caching Proxy -...
IBM Edge Components Caching Proxy crossite scripting
Crossite scripting on non-existent page...
IBM Edge Components Caching Proxy Cross Site Scripting
Rapid7 probably found this vulnerability on October 23 2002 http://seclists.org/fulldisclosure/2002/Oct/330 and its called CVE- 2002-1167 They don't show the output and specify it is error message but the injection method is the same. The update is it works on IBM Edge Components Caching Proxy -...
Fedora Update for polipo FEDORA-2012-0849
Check for the Version of polipo OpenVAS Vulnerability Test Fedora Update for polipo FEDORA-2012-0849 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Squid Unsupported Version Detection
According to its self-reported version number, the installation of Squid running on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenable...
Cross site scripting
Cross-site scripting XSS vulnerability in Caching Proxy CP 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response...
CVE-2008-0717
CVE-2008-0717 affects IBM WebSphere Edge Server’s Caching Proxy (CP) 5.1–6.1. When CGI mapping rules are enabled, it enables cross-site scripting by injecting arbitrary script/HTML that is reflected in an error response. The NVD entry lists a NETWORK attack vector with MEDIUM complexity, requirin...