Lucene search
K

675 matches found

securityvulns
securityvulns
added 2006/05/25 12:0 a.m.42 views

Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"

IE + some popular forward proxy servers = XSS, defacement browser cache poisoning Or "Exploiting the XmlHttpRequest object in IE" part II Amit Klein, May 2006 Preface ======= When I published my Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." 1 paper, I only...

0.1AI score
Exploits0
Prion
Prion
added 2006/05/09 10:2 a.m.13 views

Code injection

Unspecified vulnerability in the 1 web cache or 2 web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service device unresponsiveness via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite...

5CVSS7.2AI score0.02169EPSS
Exploits0References6
NVD
NVD
added 2006/05/09 10:2 a.m.11 views

CVE-2006-2240

Unspecified vulnerability in the 1 web cache or 2 web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service device unresponsiveness via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite...

5CVSS6.7AI score0.02169EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/05/09 10:0 a.m.13 views

CVE-2006-2240

Unspecified vulnerability in the 1 web cache or 2 web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service device unresponsiveness via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite...

6.7AI score0.02169EPSS
Exploits0References6
CVE
CVE
added 2006/05/09 10:0 a.m.47 views

CVE-2006-2240

CVE-2006-2240 concerns an unspecified vulnerability in the Fujitsu NetShelter/FW web cache or web proxy. The issue reportedly allows remote attackers to cause a denial of service resulting in device unresponsiveness, via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. The...

5CVSS6.7AI score0.02169EPSS
Exploits0References6Affected Software4
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.10 views

WebWasher < 4.4.1 Build 1613 Multiple Vulnerabilities

The remote web proxy suffers from multiple flaws. Description : The remote host is running the web proxy WebWasher. According to its banner, the installed version of WebWasher is prone to multiple cross-site scripting flaws. Successful exploitation of these issues may allow an attacker to execute...

6.8AI score
Exploits0References2
CVE
CVE
added 2006/02/24 11:0 a.m.62 views

CVE-2004-2654

Squid Web Proxy Cache is affected by CVE-2004-2654. The vulnerability resides in clientAbortBody() in client_side.c and can trigger a null-dereference, allowing remote denial of service. Affected version line: before 2.6 STABLE6. The issue is not the buffer overflow claim; vendor reports indicate...

5CVSS7.1AI score0.01993EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/02/24 11:0 a.m.32 views

CVE-2004-2654

The clientAbortBody function in clientside.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service segmentation fault via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer...

7AI score0.01993EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2006/02/24 11:0 a.m.16 views

CVE-2004-2654

The clientAbortBody function in clientside.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service segmentation fault via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer...

5CVSS5.1AI score0.01993EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/10 12:0 a.m.41 views

WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)

The remote host is running WinProxy, a proxy server for Windows. According to the Windows registry, the installed version of WinProxy suffers from denial of service and buffer overflow vulnerabilities in its telnet and web proxy servers. An attacker may be able to exploit these issues to crash th...

7.5CVSS6.5AI score0.65925EPSS
Exploits13References7
NVD
NVD
added 2005/12/31 5:0 a.m.16 views

CVE-2005-4806

Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service unresponsive service via unknown vectors...

5CVSS6.9AI score0.02455EPSS
Exploits0References4
NVD
NVD
added 2005/12/09 3:3 p.m.17 views

CVE-2005-4133

Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via 1 an unspecified vector and 2 proxy log files...

2.1CVSS6.6AI score0.00354EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2005/10/06 12:0 a.m.22 views

Polipo < 0.9.9 Unspecified Traversal Arbitrary File Access

The remote host is running the Polipo caching web proxy. In addition to caching web pages, the software also functions as a web server for providing access to documentation, cached pages, etc. The built-in web server in the installed version of Polipo fails to filter directory traversal sequences...

5CVSS5.6AI score0.01346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.23 views

SUSE-SA:2005:053: squid

The remote host is missing the patch for the advisory SUSE-SA:2005:053 squid. This update of the Squid web-proxy fixes two remotely exploitable denial of service vulnerabilities. One can be triggered by aborting a request CVE-2005-2794 due to a faulty assertion. The other one occurs in...

5CVSS5.5AI score0.07829EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2005/09/15 8:58 a.m.38 views

Important: Red Hat Security Advisory: squid security update

An updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could...

5CVSS5.8AI score0.07829EPSS
Exploits0References7
securityvulns
securityvulns
added 2005/09/10 12:0 a.m.26 views

[SA16757] Sun Java System Web Proxy Server Denial of Service Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2005/09/10 12:0 a.m.28 views

Sun Java System Web Proxy Server DoS

Three different vulnerabilities leading to server crash...

1.9AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/09/09 12:0 a.m.17 views

SunOne Web Proxy < 3.6 SP8 Unspecified DoS

Binary data 3218.prm...

5CVSS7.3AI score0.02455EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/08/21 4:0 a.m.17 views

CVE-2004-2480

Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer...

6.9AI score0.03028EPSS
Exploits1References3
CVE
CVE
added 2005/08/21 4:0 a.m.78 views

CVE-2004-2479

The CVE-2004-2479 issue affects Squid Web Proxy Cache (2.5 era) where a remote attacker can cause DNS operations to fail by submitting URLs with invalid hostnames, leading Squid to reference previously used error messages. Connected advisories confirm this vulnerability and describe updates to Sq...

5CVSS5.9AI score0.02081EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder