6 matches found
EUVD-2011-1495
Malware in sbrugna...
CVE-2017-14117
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...
Code injection
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...
BinProxy - BinProxy is a proxy for arbitrary TCP connections
BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem. Installation Prerequisites Ruby 2.3 or later A C compiler, Ruby headers, etc., are needed to compile several dependencies. On Ubuntu, sudo apt install build-essential ruby-dev should do...
CVE-2011-1492
steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy source: https://www.securityfocus.com/bid/8584/info Malicious HTTP HOST header field can be used on CacheOS to tunnel arbitrary TCP connections through a HTTP request. It has been reported that CacheFlow CacheOS may allow the misuse of the HOST header...