18 matches found
EUVD-2002-0107
Malware in sbrugna...
EUVD-2002-1049
Malware in sbrugna...
CacheFlow CacheOS 4.1.10016 HTTP HOST Proxy Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8584/info Malicious HTTP HOST header field can be used on CacheOS to tunnel arbitrary TCP connections through a HTTP request. It has been reported that CacheFlow CacheOS may allow the misuse of the HOST header value. This...
CacheFlow CacheOS 3.1.x/4.0.x/4.1 Unresolved Domain Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5305/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. User supplied data is not sanitized before being included in an unresolved host...
Web Server Cross Site Scripting
The remote web server seems to be vulnerable to a Cross Site Scripting vulnerability XSS. The vulnerability is caused by the result being returned to the user when a non-existing file is requested e.g. the result contains script code provided in the request. This vulnerability would allow an...
[SA16126] Blue Coat Products ICMP Message Handling Denial of Service
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[SA15851] Blue Coat Products TCP Timestamp Denial of Service
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy source: https://www.securityfocus.com/bid/8584/info Malicious HTTP HOST header field can be used on CacheOS to tunnel arbitrary TCP connections through a HTTP request. It has been reported that CacheFlow CacheOS may allow the misuse of the HOST header...
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy
source: https://www.securityfocus.com/bid/8584/info Malicious HTTP HOST header field can be used on CacheOS to tunnel arbitrary TCP connections through a HTTP request. It has been reported that CacheFlow CacheOS may allow the misuse of the HOST header value. This may provide for the use of an...
CVE-2002-1060
CVE-2002-1060 describes a cross-site scripting (XSS) vulnerability in Blue Coat Systems (CacheFlow) CacheOS affecting Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06. The issue allows remote attackers to inject arbitrary web script or HTML by crafting a URL to a ...
CVE-2002-1060
Cross-site scripting XSS vulnerability in Blue Coat Systems formerly CacheFlow CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML,...
Cacheflow CacheOS 3.1.x/4.0.x/4.1 - Unresolved Domain Cross-Site Scripting
source: https://www.securityfocus.com/bid/5305/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. User supplied data is not sanitized before being included in an unresolved host error page. An attacker may constru...
Cacheflow CacheOS 3.1.x4.0.x4.1 - Unresolved Domain Cross-Site Scripting
Cacheflow CacheOS 3.1.x4.0.x4.1 - Unresolved Domain Cross-Site Scripting source: https://www.securityfocus.com/bid/5305/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. User supplied data is not sanitized before...
CVE-2002-0107
Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked in the error message...
CVE-2002-0107
CacheFlow CacheOS 4.0.13 and earlier expose a information disclosure vulnerability in a web administration interface: a sequence of GET requests that do not end with a HTTP/1.0 (or another version) string causes leakage of sensitive data in the error message. Affected product: CacheFlow CacheOS (...
CVE-2002-0107
Web administration interface in CacheFlow CacheOS 4.0.13 and earlier allows remote attackers to obtain sensitive information via a series of GET requests that do not end in with HTTP/1.0 or another version string, which causes the information to be leaked in the error message...
Cacheflow CacheOS 3.1/4.0 Web Administration - Arbitrary Cached Page Code Leakage
source: https://www.securityfocus.com/bid/3841/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. When a user connects to the system via the web administration interface on port 8081, and issues an HTTP...
Cacheflow CacheOS 3.14.0 Web Administration - Arbitrary Cached Page Code Leakage
Cacheflow CacheOS 3.14.0 Web Administration - Arbitrary Cached Page Code Leakage source: https://www.securityfocus.com/bid/3841/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. When a user connects to the system...