Lucene search
K

180 matches found

RedhatCVE
RedhatCVE
added 2020/12/16 2:55 p.m.27 views

CVE-2020-35470

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...

8.8CVSS1.7AI score0.00974EPSS
Exploits0References4
OSV
OSV
added 2020/12/15 1:15 a.m.14 views

CVE-2020-35470

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...

8.8CVSS6.6AI score
Exploits0References3
Prion
Prion
added 2020/12/15 1:15 a.m.16 views

Design/Logic Flaw

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...

5.8CVSS8.5AI score0.00974EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2020/12/15 12:0 a.m.5 views

PT-2020-17336 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.16.1 Description: The issue arises when Envoy logs an incorrect downstream address, considering only the directly connected peer and not the information in the proxy protocol header. This specifically affects...

8.8CVSS8.6AI score0.00974EPSS
Exploits0References10
CNNVD
CNNVD
added 2020/12/14 12:0 a.m.7 views

Envoy 安全漏洞

Envoy is an open source distributed proxy server . A security vulnerability exists in versions prior to Envoy 1.16.1 that stems from logging an incorrect downstream address because it only considers directly connected peers and not the information in the proxy protocol header. This affects cases...

8.8CVSS7.3AI score0.00974EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/04/06 7:28 p.m.5 views

httpd: null-pointer dereference in mod_remoteip

A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...

7.2CVSS7.3AI score0.52873EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/04/06 7:9 p.m.8 views

httpd: null-pointer dereference in mod_remoteip

A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...

7.2CVSS7.3AI score0.52873EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.270 views

EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1359)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the...

9.1CVSS6.8AI score0.52873EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2019/10/18 12:0 a.m.213 views

Apache HTTP Server Stack Overflow Vulnerability - Linux

Apache HTTP Server is prone to a stack overflow vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"...

7.2CVSS7.9AI score0.52873EPSS
Exploits0References1
OSV
OSV
added 2019/09/26 4:15 p.m.33 views

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

7.2CVSS7AI score
Exploits0References17
OSV
OSV
added 2019/09/26 4:15 p.m.1 views

DEBIAN-CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

7.2CVSS6.7AI score0.52873EPSS
Exploits0References1
OSV
OSV
added 2019/09/26 4:15 p.m.4 views

ALPINE-CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

7.2CVSS7.4AI score0.52873EPSS
Exploits0References1
EUVD
EUVD
added 2019/09/26 2:21 p.m.5 views

EUVD-2019-2141

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

7.2CVSS9.8AI score0.52873EPSS
Exploits0References26
Debian CVE
Debian CVE
added 2019/09/26 2:21 p.m.38 views

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

7.2CVSS6.7AI score0.52873EPSS
Exploits0
Hacker One
Hacker One
added 2019/08/15 2:42 p.m.155 views

Internet Bug Bounty: mod_remoteip stack buffer overflow and NULL pointer dereference

Versions Affected: httpd 2.4.32 to 2.4.39 Summary: When modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY v1 or PROXY v2 header could trigger a stack buffer overflow or NULL pointer deference. This was assigned CVE-2019-100...

6CVSS9.6AI score0.52873EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/08/14 12:0 a.m.60 views

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

7.2CVSS6.9AI score0.52873EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/07/23 12:0 a.m.8 views

PT-2019-13557 · Mastercactapus +2 · Proxyprotocol +3

Name of the Vulnerable Software and Affected Versions: mastercactapus proxyprotocol versions prior to 0.0.2 mastercactapus caddy-proxyprotocol plugin versions prior to 0.0.2 for Caddy Description: The issue allows remote attackers to cause a denial of service, resulting in a webserver panic and...

7.5CVSS7.5AI score0.04295EPSS
Exploits1References12
Apache Httpd
Apache Httpd
added 2019/07/23 12:0 a.m.208 views

Apache Httpd < 2.4.41 : CVE-2019-10097 mod_remoteip: Stack buffer overflow and NULL pointer dereference

When modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients...

7.2CVSS1.9AI score0.52873EPSS
Exploits0Affected Software1
Citrix
Citrix
added 2017/05/25 12:0 a.m.14 views

How to configure NetScaler to send proxy protocol to backend servers

This article describes how to configure NetScaler to send proxy protocol to backend servers. Background Proxy protocol was designed to chain proxies/reverse proxies without losing the client information. Client information refers to the client-ip address and port. Proxy protocol was developed by...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/08/12 12:0 a.m.45 views

openSUSE Security Update : exim (openSUSE-SU-2014:0983-1)

"Changes in exim : - Silence static checkers; beo1506. - update to 4.83 This release of Exim includes one incompatible fix : + the behavior of expansion of arguments to math comparison functions , was unexpected, expanding the values twice; CVE-2014-2972; bnc888520 This release contains the...

7.5CVSS7.1AI score0.08382EPSS
Exploits1References10
Rows per page
Query Builder