Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"
IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning). Or "Exploiting the XmlHttpRequest object in IE" part II. Amit Klein, May 2006. Preface: When I published my "Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." [1] paper, I only...
Code injection
Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2240
Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2240
CVE-2006-2240 concerns an unspecified vulnerability in the Fujitsu NetShelter/FW web cache or web proxy. The issue reportedly allows remote attackers to cause a denial of service resulting in device unresponsiveness, via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. The...
WebWasher < 4.4.1 Build 1613 Multiple Vulnerabilities
The remote web proxy suffers from multiple flaws. Description: The remote host is running the web proxy WebWasher. According to its banner, the installed version of WebWasher is prone to multiple cross-site scripting flaws. Successful exploitation of these issues may allow an attacker to execute...
CVE-2004-2654
Squid Web Proxy Cache is affected by CVE-2004-2654. The vulnerability resides in clientAbortBody() in client_side.c and can trigger a null-dereference, allowing remote denial of service. Affected version line: before 2.6 STABLE6. The issue is not the buffer overflow claim; vendor reports indicate...
CVE-2004-2654
The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer...
WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)
The remote host is running WinProxy, a proxy server for Windows. According to the Windows registry, the installed version of WinProxy suffers from denial of service and buffer overflow vulnerabilities in its telnet and web proxy servers. An attacker may be able to exploit these issues to crash th...
CVE-2005-4806
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors...
CVE-2005-4133
Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files...
Polipo < 0.9.9 Unspecified Traversal Arbitrary File Access
The remote host is running the Polipo caching web proxy. In addition to caching web pages, the software also functions as a web server for providing access to documentation, cached pages, etc. The built-in web server in the installed version of Polipo fails to filter directory traversal sequences...
SUSE-SA:2005:053: squid
The remote host is missing the patch for the advisory SUSE-SA:2005:053 (squid). This update of the Squid web-proxy fixes two remotely exploitable denial of service vulnerabilities. One can be triggered by aborting a request (CVE-2005-2794) due to a faulty assertion. The other one occurs in...
Important: Red Hat Security Advisory: squid security update
An updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could...
[SA16757] Sun Java System Web Proxy Server Denial of Service Vulnerabilities
Sun Java System Web Proxy Server DoS
Three different vulnerabilities leading to server crash...
SunOne Web Proxy < 3.6 SP8 Unspecified DoS
CVE-2004-2480
Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer...
CVE-2004-2479
The CVE-2004-2479 issue affects Squid Web Proxy Cache (2.5 era) where a remote attacker can cause DNS operations to fail by submitting URLs with invalid hostnames, leading Squid to reference previously used error messages. Connected advisories confirm this vulnerability and describe updates to Sq...