3368 matches found
IBM Websphere Caching Proxy 3.6/4.0 - Denial of Service
source: https://www.securityfocus.com/bid/6002/info A vulnerability has been reported in the Caching Proxy component bundled with IBM WebSphere Edge Server. The vulnerability is due to inadequate checks when processing HTTP headers. An attacker can exploit this vulnerability by sending a malforme...
Squid FTP URL Special Character Handling Remote Overflow
The remote squid caching proxy, according to its version number, is vulnerable to various buffer overflows. An attacker may use these to gain a shell on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CVE-2001-1105
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure...
CVE-1999-1104
CVE-1999-1104 affects Windows 95 password caching: the .pwl file is encrypted with weak protection, enabling a local attacker to decrypt cached passwords and potentially gain privileges. The available documents do not specify remediation or fixes; exploitation details are not provided.
CVE-2000-0575
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS...
Important: Red Hat Security Advisory: : Updated mod_ssl packages available
Updated modssl packages for Red Hat Linux 7, 7.1, and 7.2 are available which close a buffer overflow in modssl. When session caching is enabled, modssl will serialize SSL session variables to store them for later use. Unpatched versions of modssl prior to version 2.8.7 which use the 'shm' or 'db...
mod_ssl Buffer Overflow Condition (Update Available)
modssl Buffer Overflow Condition Update Available -------------------------------------------------------- SYNOPSIS modssl www.modssl.org is a commonly used Apache module that provides strong cryptography for the Apache web server. The module utilizes OpenSSL formerly SSLeay for the SSL...
CVE-2001-0936
Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request...
Alert: Vulnerability in frox transparent ftp proxy.
There is a security hole in all the 0.6.x versions of the frox transparent ftp proxy up to and including version 0.6.6. Version 0.6.7 fixes this vulnerability, and upgrading to this is advised. Development snapshots are also affected up to and including frox-20011031.tar.gz. The vulnerability is...
CVE-2001-0175
CVE-2001-0175 affects the Netscape Fasttrack Server 4.1 caching module. The vulnerability allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. No exploits or remediation details are provided in the connected documents.
Проблемы с RSA BSAFE SSL (unauthorized access)
Ошибка в кэшировании сертификатов позволяет подключиться с недействительным сертификатом...
Microsoft Windows NT and 2000 Domain Name Servers allow non-authoritative RRs to be cached by default
Overview Microsoft Domain Name Servers hosted on Windows NT or Windows 2000 Server systems run with permissive DNS cache defaults. This may allow unauthorized remote intruders to redirect sites that rely on the vulnerable DNS servers for legitimate information. Description The Domain Name System,...
RedHat 6.1/6.2/7.0/7.1 - Man Cache File Creation
source: https://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy search path. Combined with the...
Уязвимость ipfilter (fragment caching filter bypass)
При проверке фрагментированного пакета не проверяются порты и флаги пакета, только адреса и ip id, если ip id имеется в кэше...
Serious bug in IPFilter
A VERY serious bug has been brought to my attention in IPFilter. In 10 words or less, fragment caching with can let through "any" packet. Ok, so that's 8. Cause ===== When matching a fragment, only srcip, dstip and IP ID are checked and the fragment cache is checked before any rules are checked. ...
defcom.netscape-fasttrack.txt
====================================================================== Defcom Labs Advisory def-2001-05 Netscape Fasttrack Server Caching DoS Author: Peter Gründl Release Date: 2001-01-22 ====================================================================== ------------------------=Brief...
def-2001-05: Netscape Fasttrack Server Caching DoS
====================================================================== Defcom Labs Advisory def-2001-05 Netscape Fasttrack Server Caching DoS Author: Peter Grьndl [email protected] Release Date: 2001-01-22 ======================================================================...
Дырка в ProFTPD (mod_sqlpw Password Caching)
Авторизованный пользоватлеь может переключиться в другого не зхная пароля...
mod_sqlpw Password Caching Bug
The modsqlpw module for ProFTPD caches the user id and password information returned from the mysql database when attempting to verify a password. When the "user" command is used to switch to another account, the cached password is not cleard, and the password entered is checked against the cache...
aim.caching.txt
% Advisory % Advisory % Advisory % Advisory % Advisory % Advisory % Author: f3d Program: AOL Instant Messanger Servers/Clients Fault: Caching vulnerability Os: Win/BSD/Aim compatible % Advisory % Advisory % Advisory % Advisory % Advisory % Advisory % Problem. There is a vulnerability in AOL Insta...