159 matches found
RiSearch show.pl Open Proxy Relay
The remote host seems to be running RiSearch, a local search engine. There is a flaw in the CGI 'show.pl' which is bundled with this software that could allow an attacker to use the remote host as an open proxy by doing a request like :...
Mandrake Linux Security Advisory : apache2 (MDKSA-2003:096-1)
A problem was discovered in Apache2 where CGI scripts that output more than 4k of output to STDERR will hang the script's execution which can cause a Denial of Service on the httpd process because it is waiting for more input from the CGI that is not forthcoming due to the locked write call in...
IRM Security Advisory 9
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IRM Security Advisory No. 009 RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities Vulnerablity Type / Importance: Network Subversion, Open Proxy, Brute-For...
IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IRM Security Advisory No. 009 RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities Vulnerablity Type / Importance: Network Subversion, Open Proxy, Brute-For...
CVE-2004-2061
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a 1 http://, 2 ftp://, or 3 file:// URL...
PT-2004-2957 · Isearch · Isearch +1
Name of the Vulnerable Software and Affected Versions: RiSearch version 1.0.01 RiSearch Pro version 3.2.06 Description: The issue allows remote attackers to use the show.pl script as an open proxy or read arbitrary local files by setting the url parameter to a http://, ftp://, or file:// URL...
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Arbitrary File Access source: https://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on us...
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 RiSearch Pro 3.2.6 - show.pl Open Proxy Relay source: https://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user...
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
source: https://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters. A remote attacker may exploit this...
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
source: https://www.securityfocus.com/bid/10812/info RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters. A remote attacker may exploit this...
Multiple Nokia Electronic Documentation bugs
Crossite scripting, path disclosure, open proxy...
CVE-2003-0316
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers...
CVE-2003-0316
CVE-2003-0316 concerns Venturi Client before version 2.2, used in Fourelle and Venturi Wireless products, which can function as an open proxy/relay for various protocols, including SMTP, enabling abuse by spammers. The CVE description and NVD entry confirm the issue and its network scope; OpenVAS...
CVE-2003-0316
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers...
Venturi Client open proxy
Client behaves itself as a open proxy...
Venturi Client 2.1 confirmed as open relay [Verizon Wireless Mobile Office]
Product: Fourelle|Venturi Wireless Venturi Client all versions prior to 2.2 Brief Description: Acts as an open proxy for protocols including SMTP. Description: Venturi Client is a multi-protocol proxy that operates in conjunction with a proprietary transcoding server. It inserts itself into the...
Sambar Server 5.x - Open Proxy Authentication Bypass
Sambar Server 5.x - Open Proxy Authentication Bypass source: https://www.securityfocus.com/bid/10256/info Sambar improperly validates the IP address of an originating connection and can be used to gain access the administration interface without authorization. Once the remote attacker has gained...
Sambar Server 5.x - Open Proxy / Authentication Bypass
source: https://www.securityfocus.com/bid/10256/info Sambar improperly validates the IP address of an originating connection and can be used to gain access the administration interface without authorization. Once the remote attacker has gained access to the administrative interface, further attac...
TrendMicro InterScan VirusWall open proxy
There is no limitation for CONNECT usage...