106 matches found
EUVD-2018-13761
Malware in sbrugna...
EUVD-2016-1710
Malware in sbrugna...
EUVD-2005-3746
Malware in sbrugna...
EUVD-2005-1394
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-21245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711. CVE-2018-21245 Note that Nessus relies on the presence of the package as...
OPENSUSE-SU-2024:11190-1 pound-2.8-3.9 on GA media
These are all security issues fixed in the pound-2.8-3.9 package on the GA media of openSUSE Tumbleweed...
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
Summary When Tornado receives a request with two Transfer-Encoding: chunked headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. Pound does this. PoC 0. Install Tornado. 1. Start a simple Tornado server that echoes...
GHSA-753J-MPMX-QQ6G Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
Summary When Tornado receives a request with two Transfer-Encoding: chunked headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. Pound does this. PoC 0. Install Tornado. 1. Start a simple Tornado server that echoes...
Debian: Security Advisory (DLA-400-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2005-1391
Buffer overflow in the addport function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header...
SUSE CVE-2005-3751
HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers...
SUSE CVE-2016-10711
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751...
SUSE CVE-2018-21245
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711...
Ubuntu: Security Advisory (USN-4702-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4702-1 pound vulnerabilities
It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information. CVE-2016-10711, CVE-2018-21245...
USN-4702-1: Pound vulnerabilities
It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information. CVE-2016-10711, CVE-2018-21245...
Ubuntu 16.04 LTS : Pound vulnerabilities (USN-4702-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4702-1 advisory. It was discovered that Pound incorrectly handled certain HTTP requests A remote attacker could use it to retrieve some sensitive information...
Apsis Pound Environmental Issues Vulnerabilities
Apsis Pound is a reverse proxy program for Web servers from the German company Apsis. The program supports reverse proxy, load balancing and HTTPS front-end and other features. A security vulnerability exists in versions of Apsis Pound prior to 2.8. An attacker can exploit the vulnerability to...
CVE-2018-21245
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711...
CVE-2018-21245
Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711...