25 matches found
EUVD-2008-0318
Malware in sbrugna...
squid: Request/Response smuggling in HTTP/1.1 and ICAP
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
squid: Request/Response smuggling in HTTP/1.1 and ICAP
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
squid: Request/Response smuggling in HTTP/1.1 and ICAP
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...
An ever green, ever great way to learn Spring
I could do this post every week. Wait, I do do this post every week! It's called This Week in Spring, and in it I recap a lot of interesting new bits of content on the internet that elaborate or introduce or innovate. I love those points of data. They help. But they're almost never a full-guided...
WithSecure products 安全漏洞
WithSecure products is a line of security software from the Finnish company WithSecure. A security vulnerability exists in WithSecure that stems from a denial-of-service DoS vulnerability found in the fsicapd component, which could cause the service to crash while parsing ICAP requests...
A week in security (July 9 – July 15)
Last week, we talked about domestic abuse fuelled by IoT, doing threat intel programs right, blocking ICO fraud, and man-in-the-middle attacks. We also explained why we block shady ad blockers and provided tips to online shoppers for Prime Day. Other news: Reports revealed that low-end Android...
Akamai's Leading Role in the DNS Renaissance
In case you haven't been paying attention, an unlikely technology, the Internet's Domain Name System, or DNS, is experiencing a renaissance. For much of its existence, DNS has maintained a simple and singular function - to resolve Internet names to IP addresses. Over the past several years,...
UBUNTU-CVE-2013-7401
The parserequest function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service crash via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method...
Aladdin Knowledge Systems eSafe Gateway 3.0 HTML tag Script-filtering Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2800/info eSafe Gateway is a security utility used for filtering internet content. It is possible to craft an html file that slips through eSafe Gateway's script filtering feature. eSafe Gateway will ignore scripting...
eSafe Gateway 2.1 Script-filtering Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2750/info eSafe Gateway is a security utility used for filtering internet content. An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply changing the syntax of...
Aladdin Knowledge Systems eSafe Gateway 3.0 Unicode Script-filtering Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2801/info eSafe Gateway is a security utility used for filtering internet content. An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply encoding the SCRIPT ta...
Mozilla IFRAME Style Change Handling Code Execution (CVE-2008-1236)
Firefox is an open source web browser developed by Mozilla Foundation. The application is capable of interpreting and rendering many types of Internet content, including various versions of HTML, XML, CSS Cascade Style Sheet, Javascript, various graphic formats, and so on. Firefox is made availab...
ContentKeeper Authenticated Access Password Disclosure
aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 22-Sep-2006 Software: ContentKeeper Technologies - ContentKeeper http://www.contentkeeper.com/ "ContentKeeper is an industry leading Internet content filter that allows organisations to monitor,...
ISA Server 2000 and Proxy Server 2.0 Internet Content Spoofing (888258)
The ISA Server 2000 and Proxy Server 2.0 have been found to be vulnerable to a spoofing vulnerability that could enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for...
CVE-2005-1214
CVE-2005-1214 involves a spoofing flaw in Microsoft Agent that could allow remote attackers to impersonate trusted Internet content and potentially execute arbitrary code when a user visits a malicious Web page. Connected docs confirm the vulnerability (CAN-2005-1214) exists in Microsoft Agent an...
CVE-2005-1214
Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page...
Microsoft Agent vulnerable to trusted site spoofing
Overview Microsoft Agent contains a vulnerability that could allow a remote attacker to spoof trusted Internet content. Description Microsoft Agent is a software extension that enhances user interaction through the use of interactive personalities in the form of animated characters. Applications...
CVE-2004-0892
Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results...
Vulnerable SSL Implementation in iCDN
...