Lucene search
+L

640 matches found

Prion
Prion
added 2013/03/11 5:55 p.m.18 views

Code injection

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS6.9AI score0.04632EPSS
Exploits2References3Affected Software1
UbuntuCve
UbuntuCve
added 2013/03/11 5:55 p.m.28 views

CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS7.1AI score0.04632EPSS
Exploits2References3
OSV
OSV
added 2013/03/11 5:55 p.m.3 views

UBUNTU-CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS7.1AI score0.04632EPSS
Exploits2References4
Debian CVE
Debian CVE
added 2013/03/11 5:0 p.m.76 views

CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

5.8CVSS6.3AI score0.04632EPSS
Exploits2
Cvelist
Cvelist
added 2013/03/11 5:0 p.m.51 views

CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

6.2AI score0.04632EPSS
Exploits2References3
CVE
CVE
added 2013/03/11 5:0 p.m.69 views

CVE-2013-2503

Privoxy before 3.0.21 does not correctly handle Proxy-Authenticate and Proxy-Authorization headers, enabling a remote HTTP server to spoof the intended proxy service via a 407 status. Connected advisories show OpenSUSE/SUSE patches bringing Privoxy to 3.0.21 to fix CVE-2013-2503, confirming the v...

5.8CVSS6.3AI score0.04632EPSS
Exploits2References3Affected Software1
Packet Storm
Packet Storm
added 2013/03/11 12:0 a.m.45 views

Privoxy 3.0.20-1 Credential Exposure

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

5.8CVSS7.5AI score0.04632EPSS
Exploits2
exploitpack
exploitpack
added 2013/03/11 12:0 a.m.17 views

Privoxy Proxy - Authentication Information Disclosure

Privoxy Proxy - Authentication Information Disclosure source: https://www.securityfocus.com/bid/58425/info Privoxy is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2013/03/11 12:0 a.m.34 views

Privoxy Proxy - Authentication Information Disclosure

source: https://www.securityfocus.com/bid/58425/info Privoxy is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This may aid in further attacks. Privoxy 3.0.20 is affecte...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2013/03/07 12:0 a.m.39 views

privoxy -- malicious server spoofing as proxy vulnerability

Privoxy Developers reports: Proxy authentication headers are removed unless the new directive enable-proxy-authentication-forwarding is used. Forwarding the headers potentially allows malicious sites to trick the user into providing them with login information. Reported by Chris John Riley...

5.8CVSS6.6AI score0.04632EPSS
Exploits2References1
Fedora
Fedora
added 2013/02/03 1:38 p.m.33 views

[SECURITY] Fedora 17 Update: tor-0.2.2.39-1700.fc17

Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...

5CVSS3.4AI score0.02775EPSS
Exploits1
Fedora
Fedora
added 2012/09/24 3:21 a.m.33 views

[SECURITY] Fedora 18 Update: tor-0.2.2.39-1800.fc18

Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...

5CVSS3.4AI score0.02775EPSS
Exploits0
Fedora
Fedora
added 2011/11/10 5:25 p.m.31 views

[SECURITY] Fedora 16 Update: tor-0.2.2.34-1600.fc16

Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...

5.8CVSS3.4AI score0.01203EPSS
Exploits0
Fedora
Fedora
added 2011/11/04 8:27 p.m.27 views

[SECURITY] Fedora 15 Update: tor-0.2.1.31-1500.fc15

Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...

5.8CVSS3.4AI score0.01203EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/05/17 12:0 a.m.28 views

Fedora Update for tor FEDORA-2011-0642

Check for the Version of tor OpenVAS Vulnerability Test Fedora Update for tor FEDORA-2011-0642 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

6.8CVSS0.1AI score0.04444EPSS
Exploits0References2
Fedora
Fedora
added 2011/05/13 11:12 p.m.42 views

[SECURITY] Fedora 14 Update: tor-0.2.1.29-1400.fc14

Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...

6.8CVSS3.4AI score0.04444EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/01/04 12:0 a.m.21 views

Fedora Update for tor FEDORA-2010-19159

Check for the Version of tor OpenVAS Vulnerability Test Fedora Update for tor FEDORA-2010-19159 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

10CVSS0.2AI score0.07876EPSS
Exploits0References2
Fedora
Fedora
added 2010/12/29 9:55 p.m.26 views

[SECURITY] Fedora 14 Update: tor-0.2.1.28-1400.fc14

Tor is a connection-based low-latency anonymous communication system. Applications connect to the local Tor proxy using the SOCKS protocol. The local proxy chooses a path through a set of relays, in which each relay knows its predecessor and successor, but no others. Traffic flowing down the...

10CVSS3.4AI score0.07876EPSS
Exploits0
rdot
rdot
added 2010/09/08 12:0 a.m.46 views

Прорыв сквозь фашистский фаервол: Туннелинг-инкапсуляция в корпоративных средах с ISA

Предисловие. Данная статья не несет каких-либо новых концепций, но является оригинальной. Ввиду этого прошу не разводить флуд, что это уже все было у бабушки во сне, етс. Так же не статья не является руководством по использованию перечисленного программного обеспечения, а рассматривает частную...

7AI score
Exploits0
NVD
NVD
added 2009/03/31 5:30 p.m.18 views

CVE-2007-6722

Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file config.txt or config that contains insecure 1 enable-remote-toggle and 2 enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify...

5CVSS6.8AI score0.01298EPSS
Exploits1References2
Rows per page
Query Builder