675 matches found
CVE-2010-2385
CVE-2010-2385 affects Sun Java System Web Proxy Server 4.0.13. The vulnerability is described as unspecified and exploitable remotely via the Administration Server (HTTP). The CVE is listed with a base score of 5.8 (Medium) and is included in the Oracle July 2010 Critical Patch Update advisory, w...
DirectAdmin <= v1.35.1 XSS vuln.
DirectAdmin = v1.35.1 XSS vuln. Vuln. discovered by : r0t Date: 15 March 2010 vendor:http://www.directadmin.com/ affected versions:v1.35.1 and other versions also can be affected. orginal advisory:http://pridels-team.blogspot.com/2010/03/directadmin-v1351-xss-vuln.html DirectAdmin contains a flaw...
Squid Web代理缓存HTCP请求远程拒绝服务漏洞
BUGTRAQ ID: 38212 CVE ID: CVE-2010-0639 Squid是一个高效的Web缓存及代理程序,最初是为Unix平台开发的,现在也被移植到Linux和大多数的Unix类系统中,最新的Squid可以运行在Windows平台下。 远程攻击者可以通过向Squid的HTCP端口发送畸形报文触发空指针引用,导致Squid崩溃。 Squid Web Proxy Cache 3.0 Squid Web Proxy Cache 2.x 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 对于Squid-2.x 明确配置htcpport...
Debian DSA-2002-1 : polipo - denial of service
Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3305 A malicous remote server could cause polipo to crash by sending an invalid Cache-Control heade...
Debian DSA-1991-1 : squid/squid3 - denial of service
Two denial of service vulnerabilities have been discovered in squid and squid3, a web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2855 Bastian Blank discovered that it is possible to cause a denial of service via a crafted auth header wit...
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1991-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 04, 2010 http://www.debian.org/security/faq -...
DSA-1991-1 squid squid3 - denial of service
Bulletin has no description...
Sun Java System Web Server 6.17.0 - TRACE Heap Buffer Overflow (PoC)
Sun Java System Web Server 6.17.0 - TRACE Heap Buffer Overflow PoC source: https://www.securityfocus.com/bid/37648/info Sun Java System Web Server is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the affected application or to obtain...
Squid Gopher Protocol Handling Buffer Overflow (CVE-2005-0094)
Squid is a full featured, open source web proxy caching server. It supports proxying of variety of protocols including FTP, HTTP, DNS and Gopher. A vulnerability exists in the way Squid web proxy handles responses from Gopher servers. An overly long line in a Gopher response can overflow a fixed...
Microsoft ISA Server HTTP Content Header (MS05-034; CVE-2005-1215)
The Microsoft Internet Security and Acceleration ISA Server is a firewall and web proxy caching server. While relaying client requests to upstream servers, ISA will keep a copy of the returned content in its cache. When unchanged resources are later requested by web clients, the content is served...
Squid WCCP Message Parsing Denial Of Service (CVE-2005-0095)
Squid is a full featured, open source web proxy caching server. It supports the proxying of a variety of protocols including FTP, Gopher, and HTTP. It also supports the distribution of cached objects through the Web Cache Communication Protocol WCCP. A vulnerability exists in the way the Squid we...
Oracle Java System Web Proxy sockd Daemon Buffer Overflow (CVE-2007-2881)
Java System Web Proxy Server formerly Sun ONE Web Proxy Server is a software product that collects data from the network, determines where that data should go, and distributes it accordingly. A buffer overflow vulnerability exists in the Java System Web Proxy sockd daemon. The vulnerability is du...
DEBIAN-CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function...
Sun Java System Web Proxy Server Denial Of Service Vulnerability - Windows
Java Web Proxy Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sun Java System Web Proxy Server Detection (HTTP)
Detection of Java System Web Proxy Server. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Sun Java System Web Proxy Server Denial Of Service Vulnerability - Linux
Java Web Proxy Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
The Sun Java System SJS Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service daemon crash via a GET request...
多个浏览器WEB代理重定向处理中间人漏洞
Bugraq ID: 35412 CVE ID:CVE-2009-2061 CVE-2009-2062 CVE-2009-2063 多个浏览器处理WEB代理重定向存在中间人攻击。 攻击者可以利用这个漏洞进行钓鱼攻击或获得敏感信息。不过要利用此漏洞,攻击者必须截获或控制网络通信,如通过中间人,DNS毒药等攻击。 如下浏览器受此漏洞影响: Mozilla Firefox prior to 3.0.10 Apple Safari prior to 3.2.2 Opera prior to 9.25 Opera Software Opera Web Browser 8.51 Opera...
DirectAdmin <= v1.33.6 XSS vuln.
Vuln. discovered by : r0t Date: 19 June 2009 vendor:http://www.directadmin.com/ affected versions:v1.33.6 and other versions also can be affected. orginal advisory:http://pridels-team.blogspot.com/2009/06/directadmin-v1336-xss-vuln.html DirectAdmin contains a flaw that allows a remote Cross-Site...
Sun Java System Web Proxy Server 6.1 < 6.1 SP11 XSS Vulnerability
Sun Java Web Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...