44 matches found
Commvault Edge Server deserializes cookie data insecurely
Overview Commvault Edge Server, version 10 R2, deserializes untrusted, user-provided cookie data, resulting in arbitrary OS command execution with the web server's privileges. Description CWE-502: Deserialization of Untrusted Data - CVE-2015-7253Commvault Edge Server, version 10 R2, deserializes...
IBM Websphere Edge Server 3.69/4.0 HTTP Header Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6001/info A vulnerability has been discovered in the Caching Proxy component bundled with the IBM Websphere Edge Server. Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct ...
IBM WebSphere Caching Proxy Server 5.0 2 Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10651/info A denial of service vulnerability is reported in the Caching Proxy component bundled with the IBM Websphere Edge Server. It is reported that if the proxy is configured with the JunctionRewrite directive in...
IBM Websphere Edge Server 3.6/4.0 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6000/info A vulnerability has been discoverered in the Caching Proxy component bundled with the IBM Websphere Edge Server. It has been reported that the Caching Proxy is vulnerable to cross site scripting attacks. Due to...
Security Best Practice: Adobe Flash Proxy Auto-Discovery DHCP Traffic Inspection
The Dynamic Host Configuration Protocol DHCP is a protocol used by networked devices to obtain the parameters necessary for operation in an Internet Protocol network. This protocol reduces system administration workload, allowing devices to be added to the network with little or no manual...
Adobe Flash Media Server多个远程溢出漏洞
BUGTRAQ ID: 27762 CVECAN ID: CVE-2007-6149,CVE-2007-6148,CVE-2007-6431 Adobe Flash Media Server是基于Flash应用程序的服务器,可提供运行交互式应用及音频视频流的环境。 Flash Media Server包含有名为Edge Server的组件,该组件在TCP 1935和19350端口监听入站连接。Edge...
Integer overflow
Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol RTMP message with a crafted integer field that is used for allocation...
CVE-2007-6148
CVE-2007-6148 describes a use-after-free in the Edge Server of Adobe Flash Media Server 2 (before 2.0.5) and Connect Enterprise Server 6 (before SP3) that allows remote code execution via a sequence of RTMP requests. Seebug aggregates describe multiple vulnerabilities (including integer overflows...
CVE-2008-0717
Cross-site scripting XSS vulnerability in Caching Proxy CP 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response...
CVE-2008-0717
Cross-site scripting XSS vulnerability in Caching Proxy CP 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response...
CVE-2008-0717
CVE-2008-0717 affects IBM WebSphere Edge Server’s Caching Proxy (CP) 5.1–6.1. When CGI mapping rules are enabled, it enables cross-site scripting by injecting arbitrary script/HTML that is reflected in an error response. The NVD entry lists a NETWORK attack vector with MEDIUM complexity, requirin...
IBM WebSphere Edge Server Caching Proxy DoS Vulnerability
We could crash the WebSphere Edge caching proxy by sending a bad request to the helpout.exe CGI SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2004-0684
WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters...
CVE-2004-0684
WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters...
CVE-2004-0684
The CVE-2004-0684 entry concerns WebSphere Edge Server 5.02’s Edge Component Caching Proxy when JunctionRewrite is enabled. A remote attacker can trigger a denial-of-service by sending an HTTP GET request without parameters. The description indicates potential impact to availability but does not ...
[Full-Disclosure] CYBSEC - Security Advisory: Denial of Service in IBM WebSphere Edge Server
The following advisory is also available in pdf for download at http://www.cybsec.com/vuln/IBM-WebSphere-Edge-Server-DOS.pdf CYBSEC S.A. www.cybsec.com Advisory Name: Denial of Service in WebSphere Edge Server. Vulnerability Class: Denial of Service Release Date: June 2nd 2004 Affected...
IBM WebSphere Edge Caching Proxy DoS
We could crash the WebSphere Edge caching proxy by sending a bad request to the helpout.exe CGI. C Tenable Network Security, Inc. References: From:"Rapid 7 Security Advisories" Message-ID: Date: Wed, 23 Oct 2002 12:08:39 -0700 Subject: R7-0007: IBM WebSphere Edge Server Caching Proxy Denial of...
IBM Websphere Edge Server 3.64.0 - Cross-Site Scripting
IBM Websphere Edge Server 3.64.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/6000/info A vulnerability has been discoverered in the Caching Proxy component bundled with the IBM Websphere Edge Server. It has been reported that the Caching Proxy is vulnerable to cross site...
IBM Websphere Edge Server 3.69/4.0 - HTTP Header Injection
source: https://www.securityfocus.com/bid/6001/info A vulnerability has been discovered in the Caching Proxy component bundled with the IBM Websphere Edge Server. Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct a malicious link which contains...
IBM Websphere Edge Server 3.6/4.0 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/6000/info A vulnerability has been discoverered in the Caching Proxy component bundled with the IBM Websphere Edge Server. It has been reported that the Caching Proxy is vulnerable to cross site scripting attacks. Due to insufficient sanitization of...