293 matches found

PyPA
added 2021/01/11 5:15 a.m., 4 views

PYSEC-2021-46

before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or)...

7.5 CVSS, 6.9 AI score, 0.01673 EPSS
Exploits 1, References 4, Affected Software 1
BDU FSTEC
added 2020/05/29 12:0 a.m., 3 views

The vulnerability of the Proxy-Authentication component of the Squid proxy server allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Proxy-Authentication component of the Squid proxy server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

9.8 CVSS, 7 AI score, 0.24401 EPSS
Exploits 0, References 16, Affected Software 7
OpenVAS
added 2020/05/22 12:0 a.m., 40 views

CentOS: Security Advisory for squid (CESA-2020:2040)

The remote host is missing an update for the...

9.8 CVSS, 8.2 AI score, 0.27246 EPSS
Exploits 0, References 2
Veracode
added 2020/05/07 2:1 a.m., 30 views

Denial Of Service (DoS)

Squid is vulnerable to denial of service (DoS). Parsing of header Proxy-Authentication leads to memory corruption...

9.8 CVSS, 3.4 AI score, 0.24401 EPSS
Exploits 0, References 15, Affected Software 2
Tenable Nessus
added 2020/05/07 12:0 a.m., 35 views

Scientific Linux Security Update : squid on SL7.x x86_64 (20200506)

Security Fixes:
- squid: improper check for new member in ESIExpression::Evaluate allows for stack-based buffer overflow (CVE-2019-12519)
- squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution (CVE-2020-11945)
- squid: parsing of header...

9.8 CVSS, 6.5 AI score, 0.27246 EPSS
Exploits 0, References 4
OpenVAS
added 2020/01/23 12:0 a.m., 41 views

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2016-1080)

The remote host is missing an update for the Huawei EulerOS...

9.6 CVSS, 7.2 AI score, 0.05437 EPSS
Exploits 0, References 2
Tenable Nessus
added 2019/11/06 12:0 a.m., 25 views

Mozilla Firefox ESR < 31.4 Multiple Vulnerabilities

Binary data 701250.prm...

7.5 CVSS, 9.8 AI score, 0.65657 EPSS
Exploits 4, References 19
OSV
added 2019/07/11 7:15 p.m., 1 views

ALPINE-CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

5.9 CVSS, 6.9 AI score, 0.08092 EPSS
Exploits 0, References 1
OSV
added 2019/07/11 12:0 a.m., 1 views

UBUNTU-CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

5.9 CVSS, 6.5 AI score, 0.08092 EPSS
Exploits 0, References 5
Tenable Nessus
added 2019/07/08 12:0 a.m., 34 views

RHEL 6 : spacewalk-backend and spacewalk-proxy (RHSA-2019:1663)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1663 advisory. Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Security Fixes:...

9.8 CVSS, 7.4 AI score, 0.03121 EPSS
Exploits 0, References 4
RedHat Linux
added 2019/07/02 1:58 p.m., 2 views

spacewalk-proxy: Path traversal in proxy authentication cache

A path traversal flaw was found in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process...

9.8 CVSS, 6.1 AI score, 0.03121 EPSS
Exploits 0, References 4
Kitploit
added 2019/06/28 1:5 p.m., 39 views

PivotSuite - A Network Pivoting Toolkit

PivotSuite is a portable, platform-independent and powerful network pivoting toolkit which helps red teamers / penetration testers use a compromised system to move around inside a network. It is a standalone utility which can be used as a server or as a client. PivotSuite as a Server: If the...

7.7 AI score
Exploits 0, References 1
CNVD
added 2019/06/20 12:0 a.m., 3 views

Cisco Wide Area Application Services (WAAS) HTTPS Proxy Authentication Bypass Vulnerability

Cisco Wide Area Application Services (WAAS) is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An authentication bypass vulnerability exists in the HTTP...

5.3 CVSS, 7 AI score, 0.01774 EPSS
Exploits 0, References 1
NVD
added 2019/01/11 6:29 p.m., 20 views

CVE-2016-4642

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings...

5.9 CVSS, 6.3 AI score, 0.01344 EPSS
Exploits 0, References 3
OSV
added 2019/01/11 6:29 p.m., 4 views

CVE-2016-4642

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings...

5.9 CVSS, 5.8 AI score, 0.01344 EPSS
Exploits 0, References 3
Prion
added 2019/01/11 6:29 p.m., 17 views

Authentication flaw

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings...

4.3 CVSS, 6.6 AI score, 0.01344 EPSS
Exploits 0, References 3, Affected Software 3
CVE
added 2019/01/11 6:0 p.m., 67 views

CVE-2016-4642

CVE-2016-4642 affects CFNetwork Proxies in iOS 9.3.3 and later, tvOS 9.2.2, and OS X El Capitan 10.11.6/Security Update 2016-004. The flaw: proxy authentication incorrectly reported HTTP proxies received credentials securely, with an impact described as possible leakage of sensitive user informat...

5.9 CVSS, 6.9 AI score, 0.01344 EPSS
Exploits 0, References 3, Affected Software 3
Cvelist
added 2019/01/11 6:0 p.m., 20 views

CVE-2016-4642

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings...

6.4 AI score, 0.01344 EPSS
Exploits 0, References 3
Microsoft KB
added 2018/09/27 12:0 a.m., 6 views

November 8, 2016 — KB3198586 (OS Build 10586.679)

November 8, 2016 — KB3198586 (OS Build 10586.679). This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of the Windows shell, Microsoft Edge, and Internet Explorer 11...

5.5 AI score
Exploits 0
Kitploit
added 2017/08/01 2:32 p.m., 616 views

Arachni v1.5.1 - Web Application Security Scanner Framework

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is...

7.9 AI score
Exploits 0, References 9