676 matches found
CVE-2004-0541
Buffer overflow in the ntlmcheckauth NTLM authentication function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password "pass" variable...
ArbitroWeb v0.6 Javascript injection vulnerability
vendor: ArbitroWeb about: An anonymous web surfing proxy written in PHP. ArbitroWeb will redirect all web requests thru it's set of scripts, all URL's contained will be adjusted/mangled to it's own scripts. date: june 22nd, 2004 vendor status: ? problem: javascript can be injected into the...
CVE-2004-0541
Buffer overflow in the ntlmcheckauth NTLM authentication function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password "pass" variable...
CVE-2004-0541
CVE-2004-0541 affects Squid Web Proxy Cache (2.5.x and 3.x when built with NTLM handlers). The issue is a buffer overflow in the NTLM authenticate path, specifically in ntlm_check_auth, where a long password can overflow the local buffer and enable remote code execution. Public references show ex...
CVE-2004-0541
Buffer overflow in the ntlmcheckauth NTLM authentication function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password "pass" variable...
[Full-Disclosure] iDEFENSE Security Advisory 06.08.04: Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability
Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability iDEFENSE Security Advisory 06.08.04 www.idefense.com/application/poi/display?id=107&type=vulnerabilities June 8, 2004 I. BACKGROUND Squid is a fully-featured Web Proxy Cache designed to run on Unix systems and supports...
[Full-Disclosure] MondoSoft - Proxy through MsmHigh.exe
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - Proxy through MsmHigh.exe Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200401.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...
trendmicro.txt
TrendMicro Interscan Viruswall Directory Traversal ================================================= PROGRAM: TrendMicro Interscan Viruswall HOMEPAGE: http://www.trendmicro.com VULNERABLE VERSIONS: - 3.5x Windows - Unix/Solaris version is not tested but possibly vulnerable DESCRIPTION...
TrendMacro Interscan Viruswall Directory Traversal
TrendMacro Interscan Viruswall Directory Traversal ================================================= PROGRAM: TrendMacro Interscan Viruswall HOMEPAGE: http://www.trendmicro.com VULNERABLE VERSIONS: - 3.5x Windows - Unix/Solaris version is not tested but possibly vulnerable DESCRIPTION...
CVE-2004-0326
The CVE-2004-0326 entry maps to a stack/buffer overflow in the web proxy of GateKeeper Pro 4.7 triggered by a long HTTP GET request to the proxy’s default port 3128, enabling remote code execution as described in multiple sources. Connected docs include exploit-related references (Metasploit modu...
CVE-2004-0326
Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request...
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow /================CRPT - FrenchTeam ================= Coromputer Security Advisory - CRPTSA-01 =================== Summary ===================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer...
GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits =========================================================== GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit =========================================================== /================CRPT - FrenchTeam =================...
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
/================CRPT - FrenchTeam ================= Coromputer Security Advisory - CRPTSA-01 =================== Summary ===================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer overflow Release Date : 2004-02-23 =================== Description...
[Full-Disclosure] GateKeeper Pro 4.7 buffer overflow
/==============================CRPT - French Team============================= Coromputer Security Advisory - CRPTSA-01 ================================== Summary ================================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer overflow Release Date :...
Inktomi Traffic-Server XSS: man-in-the-middle XSS !
Please we would like that credits of this vulnerability go to INFOHACKING Hugo Vбzquez Caramйs and Toni Cortйs Martinez. Actually we work at "Secdor R&D". The vulnerabily was found, once again, during a pen-test. INKTOMI Traffic-Server XSS We have just discovered a bug in a software called "Inkto...
CVE-2002-0990
The web proxy component in Symantec Enterprise Firewall SEF 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service connection resource exhaustion via multiple connection requests to domains whose DNS server...
Hosting Controller Vulnerability
In Hosting Controller 2002, it is possible to change the password of any user, Administrator. To exploit this, one would have to: Add a user /accounts/getuserdesc.asp Edit the user, changing the password /accounts/updateuserdesc.asp Then using something like the @stake web proxy, change the hidde...
Proxomitron Naoko-4 - Cross-Site Scripting
Proxomitron Naoko-4 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3087/info Proxomitron is a free web proxy server. Proxomitron is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is possible for...
Proxomitron Naoko-4 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/3087/info Proxomitron is a free web proxy server. Proxomitron is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is possible for script code to be embedded in the error page...