49 matches found
CVE-2019-17601
CVE-2019-17601 affects MiniShare 1.4.1 and is due to a stack-based buffer overflow triggered by an HTTP CONNECT request, allowing arbitrary code execution. The vulnerability is identified across multiple records (NVD, Red Hat, CVE lists) and is described as a stack-based overflow in MiniShare 1.4...
XFLTReaT - Tunnelling Framework
This is just one thing of many things that was missing from the Internet. If you got tired of trying several tunnelling tools for each protocols, this must be your tool framework. Available modules TCP UDP ICMP SOCKS v4, 4a, 5 HTTP CONNECT DNS A/CNAME, PRIVATE, NULL - Proof of Concept Available...
CVE-2016-10130
The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...
Proxy HTTP CONNECT Detection
Binary data 9535.prm...
HTTP CONNECT and 407 Proxy Authentication Required messages are not integrity protected
Overview HTTP CONNECT requests and 407 Proxy Authentication Required messages are not integrity protected and are susceptible to man-in-the-middle attacks. WebKit-based applications are additionally vulnerable to arbitrary HTML markup and JavaScript execution in the context of the originally...
Code injection
The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...
CVE-2015-5841
The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...
CVE-2015-5841
CVE-2015-5841 concerns the CFNetwork Proxies component on macOS/iOS. Root cause: improper handling of a Set-Cookie header in HTTP CONNECT responses, enabling a remote proxy to inject cookies via a crafted response. Public references in Apple advisories show mitigation by removing the Set-Cookie h...
WebWasher Classic 2.2/2.3 HTTP CONNECT Unauthorized Access
No description provided by source. source: http://www.securityfocus.com/bid/12394/info It is reported that WebWasher Classic is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer. This weakness may be combined with other attacks to exploit...
Astaro Security Linux 6.0 01 HTTP CONNECT Unauthorized Access Weakness
No description provided by source. source: http://www.securityfocus.com/bid/14665/info Astaro Security Linux is prone to a weakness that may allow remote attackers to connect to arbitrary ports on a vulnerable computer. This weakness may be combined with other attacks to exploit latent...
Oracle Linux 6 : stunnel (ELSA-2013-0714)
The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-0714 advisory. 4.29-3 Resolves: CVE-2013-1762 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
CentOS Update for stunnel CESA-2013:0714 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-2062
Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...
Design/Logic Flaw
Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...
CVE-2009-2060
src/net/http/httptransactionwinhttp.cc in Google Chrome before 1.0.154.53 uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this...
CVE-2009-2061
CVE-2009-2061 affects Mozilla Firefox prior to 3.0.10. The vulnerability allows a man-in-the-middle to modify the 3xx HTTP CONNECT response before SSL handshake, enabling a 302 redirect to an arbitrary HTTPS site and potential arbitrary script execution in the context of an HTTPS page. The issue ...
CVE-2009-2062
Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...
Safari < 3.2.2 Multiple Vulnerabilities
The version of Safari installed on the remote Windows host is earlier than 3.2.2. Such versions reportedly have multiple security vulnerabilities : - Input validation issues in their handling of 'feed:' URLs, which could be abused to execute arbitrary JavaScript code in the local security zone. -...
HTTP CONNECT Proxy Detection
The remote service supports the HTTP CONNECT method for tunneling connections through an HTTP connection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid34473; scriptversion"1.10";...
CVE-2007-0796
Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption...