Denial Of Service (DoS)

php is vulnerable to denial of service DoS. The vulnerability exists as a bug in the PHP Streams component caused the PHP interpreter to crash if an FTP wrapper connection was made through an HTTP proxy. A remote attacker could possibly trigger this issue if a PHP script accepted an untrusted URL...

CVE-2019-10196

A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an...

[SECURITY] [DLA 2163-1] tinyproxy security update

Package : tinyproxy Version : 1.8.3-3+deb8u1 CVE ID : CVE-2017-11747 Debian Bug : 870307 948283 A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after...

CVE-2019-11070

WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video HLS, DASH, or Smooth Streaming, an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded...

The vulnerability of the HTTP PROXY Server process on the Cisco IOS operating system allows a perpetrator to trigger a service failure.

The vulnerability of the HTTP PROXY Server process on the Cisco IOS operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

DEBIAN-CVE-2016-1000111

Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbou...

Security Bulletin: Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench affected by Netty vulnerabilities (CVE-2020-7238, CVE-2019-16869, CVE-2019-20445, CVE-2019-20444)

Summary Netty is vulnerable to security issues affecting the Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench Vulnerability Details CVEID: CVE-2020-7238 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a...

Denial of Service

Overview Versions of http-proxy prior to 1.18.1 are vulnerable to Denial of Service. An HTTP request with a long body triggers an ERRHTTPHEADERSSENT unhandled exception that crashes the proxy server. This is only possible when the proxy server sets headers in the proxy request using the...

Design/Logic Flaw

HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic t...

CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.21T due to a memory leak in the HTTP PROXY Server process aka CSCtu52820, when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured...

Memory corruption

A memory leak vulnerability exists in Cisco IOS before 15.21T due to a memory leak in the HTTP PROXY Server process aka CSCtu52820, when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured...

CVE-2011-4661

CVE-2011-4661 affects Cisco IOS before 15.2(1)T, caused by a memory leak in the HTTP PROXY Server (CSCtu52820) when ISR Web Security with ScanSafe and NTLM authentication is configured. Documented impact includes partial availability loss with attack surface over the network. No explicit exploit ...

CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.21T due to a memory leak in the HTTP PROXY Server process aka CSCtu52820, when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured...

CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.21T due to a memory leak in the HTTP PROXY Server process aka CSCtu52820, when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2666)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2019-2231)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2018-1074)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2016-1080)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How to Configure WinHTTP Proxy for Veeam Components

Known Limitation A tenant's Veeam Backup & Replication server cannot access Veeam Cloud Connect infrastructure components through HTTP/HTTPS proxy servers. All cloud-targeted traffic from the tenant's Veeam Backup & Replication server will ignore proxy settings. Purpose This article documents how...

Moderate: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...