675 matches found
Debian Security Advisory DSA 3145-1 (privoxy - security update)
Multiple vulnerabilities were discovered in Privoxy, a privacy enhancing HTTP proxy, which might result in denial of service. OpenVAS Vulnerability Test $Id: deb3145.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3145-1 using nvtgen 1.0 Script version: 1.0 Author:...
[SECURITY] [DSA 3139-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3139-1 [email protected] http://www.debian.org/security/ Sebastien Delafond January 25, 2015 http://www.debian.org/security/faq -...
DSA-3139-1 squid - security update
Bulletin has no description...
Ubuntu: Security Advisory (USN-2458-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
cURL/libcURL Remote Security Restriction Bypass Vulnerability
cURL/libcURL is a command line file transfer tool that supports FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. cURL/libcURL versions 6.0-7.39.0 contain a URL request injection vulnerability in the implementation of parseurlandfillconn, which can be exploited by attackers to bypass...
DEBIAN-CVE-2014-8150
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL...
Ubuntu 14.04 LTS : Ubufox update (USN-2458-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2458-2 advisory. USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox. Tenable has extracted the preceding description block...
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2458-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2458-1 advisory. Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory...
USN-2458-1: Firefox vulnerabilities
Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to caus...
RHEL 5 / 6 : httpd (RHSA-2012:0542)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0542 advisory. The Apache HTTP Server httpd is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server di...
CVE-2014-4440
The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server...
Information disclosure
The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server...
CVE-2014-4440
The MCX Desktop Config Profiles implementation in Apple OS X before 10.10 retains web-proxy settings from uninstalled mobile-configuration profiles, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging access to an unintended proxy server...
Debian DSA-3014-1 : squid3 - security update
Matthew Daley discovered that Squid3, a fully featured web proxy cache, did not properly perform input validation in request parsing. A remote attacker could use this flaw to mount a denial of service by sending crafted Range requests. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 3014-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3014-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 28, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3014-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3014-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 28, 2014 http://www.debian.org/security/faq -...
Oracle iPlanet Web Proxy Server 4.0 < 4.0.24 Multiple Vulnerabilities
The remote host has a version of Oracle iPlanet Web Proxy Server formerly Sun Java System Web Proxy Server 4.0 prior to 4.0.24. It is, therefore, affected by the following vulnerabilities : - The implementation of Network Security Services NSS does not ensure that data structures are initialized,...
Egresser - Tool to Enumerate Outbound Firewall Rules
Egresser is a tool to enumerate outbound firewall rules, designed for penetration testers to assess whether egress filtering is adequate from within a corporate network. Probing each TCP port in turn, the Egresser server will respond with the client’s source IP address and port, allowing the clie...
FOG Forum 0.8.1 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. ======================================================= FOG Forum 0.8.1 Local File Inclusion Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Te...
Proxomitron Naoko-4 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3087/info Proxomitron is a free web proxy server. Proxomitron is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is possible for script cod...