Lucene search
K

307 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : privoxy (openSUSE-2013-242)

privoxy was updated to 3.0.21 stable fo fix CVE-2013-2503 bnc809123 - changes in 3.0.21 - On POSIX-like platforms, network sockets with file descriptor values above FDSETSIZE are properly rejected. Previously they could cause memory corruption in configurations that allowed the limit to be reache...

5.8CVSS7.1AI score0.04632EPSS
Exploits2References2
Prion
Prion
added 2014/05/23 2:55 p.m.14 views

Code injection

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform formerly Citrix CloudStack 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging knowledge of the source code...

5CVSS7.5AI score0.05822EPSS
Exploits1References8Affected Software2
securityvulns
securityvulns
added 2013/03/13 12:0 a.m.109 views

Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

5.8CVSS7.5AI score0.04632EPSS
Exploits2
OSV
OSV
added 2013/03/11 5:55 p.m.2 views

DEBIAN-CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS7.1AI score0.04632EPSS
Exploits2References1
OSV
OSV
added 2013/03/11 5:55 p.m.3 views

UBUNTU-CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS7.1AI score0.04632EPSS
Exploits2References4
exploitpack
exploitpack
added 2013/03/11 12:0 a.m.16 views

Privoxy Proxy - Authentication Information Disclosure

Privoxy Proxy - Authentication Information Disclosure source: https://www.securityfocus.com/bid/58425/info Privoxy is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2013/03/11 12:0 a.m.44 views

Privoxy 3.0.20-1 Credential Exposure

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

5.8CVSS7.5AI score0.04632EPSS
Exploits2
FreeBSD
FreeBSD
added 2013/03/07 12:0 a.m.38 views

privoxy -- malicious server spoofing as proxy vulnerability

Privoxy Developers reports: Proxy authentication headers are removed unless the new directive enable-proxy-authentication-forwarding is used. Forwarding the headers potentially allows malicious sites to trick the user into providing them with login information. Reported by Chris John Riley...

5.8CVSS6.6AI score0.04632EPSS
Exploits2References1
Ubuntu
Ubuntu
added 2013/02/25 11:54 p.m.66 views

USN-1748-1: Thunderbird vulnerabilities

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers COW and System Only Wrappers SOW. If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or...

9.3CVSS8.6AI score0.05364EPSS
Exploits4References1
NVD
NVD
added 2012/05/02 10:9 a.m.24 views

CVE-2012-0335

Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746...

5CVSS6.4AI score0.02231EPSS
Exploits0References4
Prion
Prion
added 2012/05/02 10:9 a.m.22 views

Information disclosure

Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746...

5CVSS7AI score0.02231EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/05/02 10:0 a.m.23 views

CVE-2012-0335

Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746...

6.4AI score0.02231EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/05/02 12:0 a.m.5 views

PT-2012-2509 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 7.2 through 8.4 Description: The issue allows remote attackers to obtain sensitive information via a connection attempt due to improper proxy authentication during attempts t...

5CVSS6.4AI score0.02231EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2011/10/31 12:0 a.m.24 views

Ubuntu Update for kde4libs USN-1248-1

Ubuntu Update for Linux kernel vulnerabilities USN-1248-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12481.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for kde4libs USN-1248-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Thi...

4.3CVSS8.2AI score0.01134EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2011/10/25 10:23 p.m.60 views

USN-1248-1: KDE-Libs vulnerability

Tim Brown discovered that KSSL in KDE-Libs did not properly perform input validation when displaying the common name CN for an SSL certificate. An attacker could exploit this to spoof the common name which could be used in an attack to trick the user into accepting a fraudulent certificate. This...

4.3CVSS5.4AI score0.01134EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/12/06 12:0 a.m.12 views

Google Chrome < 8.0.552.215 Multiple Vulnerabilities

Binary data 800959.prm...

9.3CVSS7.3AI score0.07533EPSS
Exploits3References12
Tenable Nessus
Tenable Nessus
added 2010/12/03 12:0 a.m.36 views

Google Chrome < 8.0.552.215 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 8.0.552.215. Such versions are reportedly affected by multiple vulnerabilities : - It may be possible to bypass the pop-up blocker. Issue 17655 - A cross-origin video theft vulnerability exists related to canvas. Issue 5574...

9.3CVSS7AI score0.07533EPSS
Exploits3References14
securityvulns
securityvulns
added 2008/10/26 12:0 a.m.78 views

CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability

Oracle is a widely-deployed Database Management System DBMS that supports a variety of applications. Many multi-tier applications are designed to use proxy authentication, restricting a middle tier to establish the database connection on behalf of the users. The standard authentication mechanism...

4CVSS6.2AI score0.02066EPSS
Exploits1
Cvelist
Cvelist
added 2008/03/28 11:0 p.m.30 views

CVE-2005-4874

The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain 1 proxy authentication passwords via a request with a "Max-Forwards: 0" header or 2 arbitrary local passwords on the web server that hosts this object...

6.8AI score0.01247EPSS
Exploits1References3
0day.today
0day.today
added 2007/11/05 12:0 a.m.30 views

JBC Explorer <= 7.20 RC 1 Remote Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================= JBC Explorer agent'Mozilla Firefox'; $xpl-allowredirection1; $xpl-cookiejar1; if$prx $xpl-proxy$prx; if$pra $xpl-proxyauth$pra; print "0x01Deleting the file auth.inc.php";...

7.1AI score
Exploits0
Rows per page
Query Builder