6 matches found
Mandriva Linux Security Advisory : sarg (MDVSA-2008:079)
A stack-based buffer overflow in sarg Squid Analysis Report Generator allowed remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header CVE-2008-1167. A cross-site scripting vulnerability in sarg version 2.x prior to 2.2.5 allowed remote attackers to inject...
Mandriva Update for sarg MDVSA-2008:079 (sarg)
Check for the Version of sarg OpenVAS Vulnerability Test Mandriva Update for sarg MDVSA-2008:079 sarg Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for sarg MDVSA-2008:079 (sarg)
Check for the Version of sarg OpenVAS Vulnerability Test Mandriva Update for sarg MDVSA-2008:079 sarg Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Gentoo Security Advisory GLSA 200803-21 (sarg)
The remote host is missing updates announced in advisory GLSA 200803-21. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2008-1168
Cross-site scripting (XSS) in Squid Analysis Report Generator (Sarg) affects multiple 2.2.x releases (notably 2.2.4; earlier 2.2.3.1) via the User-Agent header when rendering the Squid proxy log. Root cause: an improper handling of User-Agent data leads to script/HTML injection. Impact: remote at...
CVE-2008-1168
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...