MailGust <= 1.9 (board takeover) SQL Injection Exploit

No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

PHPBB 2.0.20 Unauthorized HTTP Proxy Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17965/info phpBB is prone to a vulnerability that could permit the application to become an unauthorized HTTP proxy. An attacker can exploit this issue to manipulate phpBB into becoming an HTTP proxy...

Qbik WinGate WWW Proxy Server URL Processing Overflow

No description provided by source. $Id: qbikwingatewwwproxy.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id:...

SapporoWorks WinProxy 2.0/2.0.1 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1400/info Multiple unchecked buffers exist in the POP3 and HTTP Proxy components of SapporoWorks WinProxy which could open up the possibilities of denial of service attacks or remote execution of arbitrary code. Performin...

mysource 2.14.8/2.16 - Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20153/info MySource products are prone to multiple input-validation vulnerabilities. Exploiting these issues will allow an attacker to manipulate the application into becoming an HTTP proxy and to conduct cross-site...

SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long expires, if-modified-since, and LastModified strings...

ZoneAlarm 8.0.20 HTTP Proxy Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31431/info ZoneAlarm Internet Security Suite is prone to a remote denial-of-service vulnerability that occurs in the TrueVector component when connecting to a malicious HTTP proxy. ZoneAlarm Internet Security Suite 8.0.02...

AzDGDatingLite <= 2.1.3 - Remote Code Execution Exploit

No description provided by source. ?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference =...

Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness

No description provided by source. source: http://www.securityfocus.com/bid/17936/info Symantec Enterprise Firewall and Gateway Security products are prone to an information-disclosure weakness. The vendor has reported that the NAT/HTTP proxy component of the products may reveal the internal IP...

wpbf - WordPress Brute Force

The script will try to login into the WordPress dashboard through the login form using a mixture of enumerated usernames, a wordlist and relevant keywords from the blog's content. If a single username is given, the script will not search for additional usernames. When a correct username/passwords...

[THC-Hydra 7.5] Fast Parallel Network Logon Cracker

Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support RFC 4013 HTTP proxy support SOCKS proxy support The tool suppor...

[Doona] Network Protocol Fuzzer

Doona is a fork of the Bruteforce Exploit Detector, it was renamed to avoid confusion as it has a large number of of changes. You should get a copy from github if you want to try it: https://github.com/wireghoul/doona. It's currently a little short on documentation, so I will let the changelog...

DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)

DoS Vulnerability fixed in Node v0.8.26 and v0.10.21 Node.js is vulnerable to a denial of service attack when a client sends many pipelined HTTP requests on a single connection, and the client does not read the responses from the connection. We recommend that anyone using Node.js v0.8 or v0.10 to...

Multiple Vulnerabilities in Cisco Firewall Services Module Software (cisco-sa-20130410-fwsm)

The remote Cisco Firewall Services Module FWSM for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers may be affected by the following vulnerabilities : - A flaw in the FWSM software could allow remote attackers to cause a denial of service DoS condition via a crafted IKEv1 message...

Blue Coat ICAP Patience Page XSS

The remote host is running a version of Blue Coat ProxySG that suffers from a XSS issue. An attacker can exploit this issue by sending a malicious link that will redirect the user to the ICAP 'Patience' page which will echo the link back, unfiltered. %NASLMINLEVEL 70300 C Tenable Network Security...

[SECURITY] Fedora 18 Update: nodejs-tunnel-agent-0.3.0-1.fc18

HTTP proxy tunneling agent...

CVE-2013-2070

http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy response, a simila...

nginx 'ngx_http_parse.c'栈缓冲区溢出漏洞

BUGTRAQ ID: 59699 CVECAN ID: CVE-2013-2028 nginx是HTTP及反向代理服务器，同时也用作邮件代理服务器。 nginx 1.3.9 - 1.4.0在解析HTTP块时，"ngxhttpparsechunked"函数 http/ngxhttpparse.c中存在错误，可被利用造成栈缓冲区溢出。 0 Nginx 1.3.9 - 1.4.0 临时解决方法： 建议您升级到nginx 1.4.1或者是1.5.0。但如果您不能立刻安装补丁或者升级，您可以采取以下措施以降低威胁： 在每个server块中使用如下配置 if $httptransferencodi...

Medium: nginx

Issue Overview: http/modules/ngxhttpproxymodule.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxypass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service crash and obtain sensitive information from worker process memory via a crafted proxy...