DEBIAN-CVE-2005-1857

Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply...

CVE-2005-2729

The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services...

CVE-2005-2729

The CVE-2005-2729 entry describes a vulnerability in the HTTP proxy of Astaro Security Linux 6.0 where HTTP CONNECT requests to localhost are not properly filtered, allowing remote attackers to bypass firewall rules and access local services. The issue is a network‑level exposure with low attack ...

CVE-2005-2729

The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services...

CVE-2005-2730

The CVE-2005-2730 entry concerns the HTTP proxy in Astaro Security Linux 6.0. The issue arises from handling an invalid request, which can cause the proxy to disclose a Proxy-Authorization string in an error message. This is a remote-attack scenario with potential exposure of credentials, as indi...

CVE-2005-2730

The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message...

simpleproxy proxy server format string vulnerability

Format string bug on parent HTTP proxy server reply parsing...

Flatnuke <= 2.5.5 Remote Code Execution

Exploit for unknown platform in category web applications ======================================= Flatnuke FlatNuke 2.5.5 remote commands execution FlatNuke 2.5.5 possibly prior versions remote commands execution a script by rgod at http://rgod.altervista.org form name="form1" method="post"...

Flatnuke 2.5.5 - Remote Code Execution

FlatNuke 2.5.5 remote commands execution FlatNuke 2.5.5 possibly prior versions remote commands execution a script by rgod at http://rgod.altervista.org hostname ex: ww...

Flatnuke 2.5.5 - Remote Code Execution

Flatnuke 2.5.5 - Remote Code Execution FlatNuke 2.5.5 remote commands execution FlatNuke 2.5.5 possibly prior versions remote commands execution a script by rgod at http://rgod.altervista.org hostname ex: www...

USN-160-1: Apache 2 vulnerabilities

Marc Stern discovered a buffer overflow in the SSL module's certificate revocation list CRL handler. If Apache is configured to use a malicious CRL, this could possibly lead to a server crash or arbitrary code execution with the privileges of the Apache web server. CAN-2005-1268 Watchfire...

Moderate: Red Hat Security Advisory: httpd security update

Updated Apache httpd packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a powerful, full-featured, efficient, and...

[SECURITY] [DSA 726-1] New oops packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 726-1 [email protected] http://www.debian.org/security/ Martin Schulze May 20th, 2005 http://www.debian.org/security/faq -...

Apple Mac OS X Server Admin fails to properly restrict users from using the proxy service

Overview The Apple Mac OS X Server HTTP proxy service does not restrict access by default and may allow unintended remote users to use the service. Description Mac OS X Server includes a service to provide for HTTP proxying. The HTTP proxy service does not include any access restrictions in the...

CVE-2005-1340

CVE-2005-1340 concerns the HTTP proxy service in Apple Mac OS X Server Admin (Mac OS X 10.3.9). The description in multiple sources states that the proxy does not restrict access when enabled, allowing remote users to misuse the proxy. Connected documents corroborate that this is a remote-access ...

CVE-2005-1340

The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy...

CVE-2005-1340

The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy...

Debian DSA-713-1 : junkbuster - several vulnerabilities

Several bugs have been found in junkbuster, a HTTP proxy and filter. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1108 James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidentally...

[SECURITY] [DSA 713-1] New junkbuster packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 713-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 713-1] New junkbuster packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 713-1 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2005 http://www.debian.org/security/faq -...