mysource 2.14.82.16 - Multiple Vulnerabilities

mysource 2.14.82.16 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/20153/info MySource products are prone to multiple input-validation vulnerabilities. Exploiting these issues will allow an attacker to manipulate the application into becoming an HTTP proxy and to conduct...

Governs the granting of leave true when True also false-the“real”IP security risks-vulnerability warning-the black bar safety net

Let us look at the ASP code first: Function getIP Dim strIPAddr as string If Request. ServerVariables"HTTPXFORWARDEDFOR" = "" OR InStrRequest. ServerVariables"HTTPXFORWARDEDFOR", "unknown" 0 Then strIPAddr = Request. ServerVariables"REMOTEADDR" ElseIf InStrRequest...

CentOS 3 / 4 : httpd (CESA-2005:582)

Updated Apache httpd packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a powerful, full-featured, efficient, and...

WinGate POST Request Buffer Overflow

The remote host appears to be running WinGate Proxy Server, a Windows application for managing and securing Internet access. According to its banner, the version of WinGate installed on the remote host is affected by a buffer overflow vulnerability in its HTTP proxy service. An attacker with acce...

phpBB can be used as HTTP proxy with vulnerability-vulnerability warning-the black bar safety net

Affected system: phpBB Group phpBB 2.0.20 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 1 7 9 6 5 phpBB is a PHP language implementation of a Web-based open source Forum program, the use of more widely. It supports multiple databases as...

Design/Logic Flaw

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI...

CVE-2006-2341

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI...

CVE-2006-2341

CVE-2006-2341 affects Symantec Gateway Security 5000 Series (versions 2.0.1 and 3.0) and Symantec Enterprise Firewall 8.0. When NAT is in use, the HTTP proxy can be abused by remote attackers to determine internal IP addresses by sending malformed HTTP requests—specifically a GET request with no ...

CVE-2006-2341

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI...

phpBB 2.0.20 - Unauthorized HTTP Proxy

phpBB 2.0.20 - Unauthorized HTTP Proxy source: https://www.securityfocus.com/bid/17965/info phpBB is prone to a vulnerability that could permit the application to become an unauthorized HTTP proxy. An attacker can exploit this issue to manipulate phpBB into becoming an HTTP proxy...

[Full-disclosure] SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure

SEC Consult Security Advisory 20060512-0 ============================================================== title: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure program: Symantec Enterprise FW vulnerable version: 8.0 homepage: www.symantec.com found: 2005-09-13 by: SEC Consult /...

phpBB 2.0.20 - Unauthorized HTTP Proxy

source: https://www.securityfocus.com/bid/17965/info phpBB is prone to a vulnerability that could permit the application to become an unauthorized HTTP proxy. An attacker can exploit this issue to manipulate phpBB into becoming an HTTP proxy...

Cisco Application Velocity System TCP port relaying

Default configuration allows any TCP port to be accessed with transparent HTTP proxy request...

Symantec Enterprise Firewall NAT/HTTP Proxy internal IP leakage

SUMMARY An information leak has been discovered in the HTTP proxy of the Symantec Enterprise Firewall and Symantec Gateway Security products. In response to specific http requests, the firewall may reveal internal addresses otherwise hidden by Network Address Translation NAT. Severity Very Low...

Symantec Enterprise Firewall Gateway Security - HTTP Proxy Internal IP Leakage

Symantec Enterprise Firewall Gateway Security - HTTP Proxy Internal IP Leakage source: https://www.securityfocus.com/bid/17936/info Symantec Enterprise Firewall and Gateway Security products are prone to an information-disclosure weakness. The vendor has reported that the NAT/HTTP proxy component...

Symantec Enterprise Firewall / Gateway Security - HTTP Proxy Internal IP Leakage

source: https://www.securityfocus.com/bid/17936/info Symantec Enterprise Firewall and Gateway Security products are prone to an information-disclosure weakness. The vendor has reported that the NAT/HTTP proxy component of the products may reveal the internal IP addresses of protected computers. A...

Invision Power Board 2.1.5 - 'search.php' Remote Code Execution

!/usr/bin/perl Wed Apr 26 16:44:15 CEST 2006 [email protected] INVISION POWER BOARD 2.1.5 pr00f 0f c0ncept remote command execution. vuln credits goes to IceShaman. works only if you have perms to post a comment. Exploit with replye is in my TODO... 514 still r0xing. !dSR the hardc0re hax0rs ;...

Joomla! 1.0.7 / Mambo 4.5.3 - 'feed' Full Path Disclosure / Denial of Service

Mambo/Joomla Remote DOS Exploit Mambo/Joomla Path Disclosure & IIS Server-isapi mod Remote Denial Of Service by trueend5 Computer Security Science Researchers Institute KAPDA hostname ex: www.sitename.com input name="path"...

CuteNews 1.4.1 - function.php Local File Inclusion

CuteNews 1.4.1 - function.php Local File Inclusion CuteNews 1.4.1 user Hash password Finder CuteNews 1.4.1 and Below user Hash password Finder Security ? . Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. Happy Norouz PERSIAN new year celebration Greetz to all Iranian...

CuteNews 1.4.1 - 'function.php' Local File Inclusion

CuteNews 1.4.1 user Hash password Finder CuteNews 1.4.1 and Below user Hash password Finder Security ? . Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. Happy Norouz PERSIAN new year celebration Greetz to all Iranian Hackers spacially my friends in ihsteam.com...