Lucene search
+L

3368 matches found

Exploit DB
Exploit DB
added 2002/10/18 12:0 a.m.30 views

IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service

source: https://www.securityfocus.com/bid/6002/info A vulnerability has been reported in the Caching Proxy component bundled with IBM WebSphere Edge Server. The vulnerability is due to inadequate checks when processing HTTP headers. An attacker can exploit this vulnerability by sending a malforme...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/03/27 12:0 a.m.36 views

Squid FTP URL Special Character Handling Remote Overflow

The remote squid caching proxy, according to its version number, is vulnerable to various buffer overflows. An attacker may use these to gain a shell on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS5.8AI score0.09449EPSS
Exploits1References2
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.26 views

CVE-2001-1105

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure...

7AI score0.02685EPSS
Exploits0References5
CVE
CVE
added 2002/03/09 5:0 a.m.52 views

CVE-1999-1104

CVE-1999-1104 affects Windows 95 password caching: the .pwl file is encrypted with weak protection, enabling a local attacker to decrypt cached passwords and potentially gain privileges. The available documents do not specify remediation or fixes; exploitation details are not provided.

4.6CVSS7.2AI score0.01013EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.22 views

CVE-2000-0575

SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS...

6.8AI score0.00846EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2002/03/08 12:36 a.m.9 views

Important: Red Hat Security Advisory: : Updated mod_ssl packages available

Updated modssl packages for Red Hat Linux 7, 7.1, and 7.2 are available which close a buffer overflow in modssl. When session caching is enabled, modssl will serialize SSL session variables to store them for later use. Unpatched versions of modssl prior to version 2.8.7 which use the 'shm' or 'db...

7.5CVSS6.3AI score0.29878EPSS
Exploits1References2
securityvulns
securityvulns
added 2002/02/28 12:0 a.m.30 views

mod_ssl Buffer Overflow Condition (Update Available)

modssl Buffer Overflow Condition Update Available -------------------------------------------------------- SYNOPSIS modssl www.modssl.org is a commonly used Apache module that provides strong cryptography for the Apache web server. The module utilizes OpenSSL formerly SSLeay for the SSL...

0.8AI score
Exploits0
NVD
NVD
added 2001/11/30 5:0 a.m.16 views

CVE-2001-0936

Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request...

7.5CVSS7.2AI score0.01527EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/11/30 12:0 a.m.24 views

Alert: Vulnerability in frox transparent ftp proxy.

There is a security hole in all the 0.6.x versions of the frox transparent ftp proxy up to and including version 0.6.6. Version 0.6.7 fixes this vulnerability, and upgrading to this is advised. Development snapshots are also affected up to and including frox-20011031.tar.gz. The vulnerability is...

1.4AI score
Exploits0
CVE
CVE
added 2001/09/18 4:0 a.m.50 views

CVE-2001-0175

CVE-2001-0175 affects the Netscape Fasttrack Server 4.1 caching module. The vulnerability allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. No exploits or remediation details are provided in the connected documents.

5CVSS7AI score0.02468EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2001/09/13 12:0 a.m.41 views

Проблемы с RSA BSAFE SSL (unauthorized access)

Ошибка в кэшировании сертификатов позволяет подключиться с недействительным сертификатом...

2.5AI score
Exploits0References1Affected Software2
CERT
CERT
added 2001/08/09 12:0 a.m.66 views

Microsoft Windows NT and 2000 Domain Name Servers allow non-authoritative RRs to be cached by default

Overview Microsoft Domain Name Servers hosted on Windows NT or Windows 2000 Server systems run with permissive DNS cache defaults. This may allow unauthorized remote intruders to redirect sites that rely on the vulnerable DNS servers for legitimate information. Description The Domain Name System,...

5CVSS6.8AI score0.04935EPSS
Exploits1References8
Exploit DB
Exploit DB
added 2001/05/18 12:0 a.m.22 views

RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation

source: https://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy search path. Combined with the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/04/09 12:0 a.m.52 views

Уязвимость ipfilter (fragment caching filter bypass)

При проверке фрагментированного пакета не проверяются порты и флаги пакета, только адреса и ip id, если ip id имеется в кэше...

0.8AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2001/04/07 12:0 a.m.43 views

Serious bug in IPFilter

A VERY serious bug has been brought to my attention in IPFilter. In 10 words or less, fragment caching with can let through "any" packet. Ok, so that's 8. Cause ===== When matching a fragment, only srcip, dstip and IP ID are checked and the fragment cache is checked before any rules are checked. ...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2001/02/02 12:0 a.m.40 views

defcom.netscape-fasttrack.txt

====================================================================== Defcom Labs Advisory def-2001-05 Netscape Fasttrack Server Caching DoS Author: Peter Gründl Release Date: 2001-01-22 ====================================================================== ------------------------=Brief...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/01/23 12:0 a.m.19 views

def-2001-05: Netscape Fasttrack Server Caching DoS

====================================================================== Defcom Labs Advisory def-2001-05 Netscape Fasttrack Server Caching DoS Author: Peter Grьndl [email protected] Release Date: 2001-01-22 ======================================================================...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.22 views

Дырка в ProFTPD (mod_sqlpw Password Caching)

Авторизованный пользоватлеь может переключиться в другого не зхная пароля...

0.7AI score
Exploits0References1
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.24 views

mod_sqlpw Password Caching Bug

The modsqlpw module for ProFTPD caches the user id and password information returned from the mysql database when attempting to verify a password. When the "user" command is used to switch to another account, the cached password is not cleard, and the password entered is checked against the cache...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2000/11/16 12:0 a.m.34 views

aim.caching.txt

% Advisory % Advisory % Advisory % Advisory % Advisory % Advisory % Author: f3d Program: AOL Instant Messanger Servers/Clients Fault: Caching vulnerability Os: Win/BSD/Aim compatible % Advisory % Advisory % Advisory % Advisory % Advisory % Advisory % Problem. There is a vulnerability in AOL Insta...

7.4AI score
Exploits0
Rows per page
Query Builder