UBUNTU-CVE-2014-8639

Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 aka Proxy Authentication Required status code, which allows remote HTTP proxy servers to conduct session...

Mozilla Thunderbird < 31.4 Multiple Vulnerabilities

The version of Thunderbird installed on the remote Windows host is prior to 31.4. It is, therefore, affected by the following vulnerabilities : - Multiple unspecified memory safety issues exist within the browser engine. CVE-2014-8634, CVE-2014-8635 - A flaw exists in 'navigator.sendBeacon' in...

Mozilla: Cookie injection through Proxy Authenticate responses (MFSA 2015-04)

Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 aka Proxy Authentication Required status code, which allows remote HTTP proxy servers to conduct session...

Mozilla: Cookie injection through Proxy Authenticate responses (MFSA 2015-04)

Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 aka Proxy Authentication Required status code, which allows remote HTTP proxy servers to conduct session...

TWiki <= 4.0.4 (configure) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl Tue Aug 1 13:18:12 CEST 2006 [email protected] use strict; use LWP::UserAgent; use LWP::Simple; use HTTP::Request; use HTTP::Response; use Getopt::Long; $| = 1; couse 1 is bigger than 0 my $proxy,$proxyuser,$proxypass; my $host,$debug,$dir,...

MyBulletinBoard (MyBB) <= 1.2.3 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; http://www.milw0rm.com/exploits/2012 They corrected not all a lot of SQL requests which use the ipaddress, with $db-escapestring. They don't corrected the function this is a choice ... the bad and they forgot to...

openSUSE Security Update : privoxy (openSUSE-2013-242)

privoxy was updated to 3.0.21 stable fo fix CVE-2013-2503 bnc809123 - changes in 3.0.21 - On POSIX-like platforms, network sockets with file descriptor values above FDSETSIZE are properly rejected. Previously they could cause memory corruption in configurations that allowed the limit to be reache...

Code injection

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform formerly Citrix CloudStack 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging knowledge of the source code...

Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

DEBIAN-CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

UBUNTU-CVE-2013-2503

Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 aka Proxy Authentication Required HTTP status code...

Privoxy 3.0.20-1 Credential Exposure

Privoxy Proxy Authentication Credential Exposure Product: Privoxy Project Homepage: privoxy.org Advisory ID: c22-2013-01 Vulnerable Versions: 3.0.20 and possibly prior Tested Version: 3.0.20-1 tested using Debian Sid Vendor Notification: March 6, 2013 Public Disclosure: March 11, 2013 Vulnerabili...

Privoxy Proxy - Authentication Information Disclosure

Privoxy Proxy - Authentication Information Disclosure source: https://www.securityfocus.com/bid/58425/info Privoxy is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to gain access to the user accounts and potentially obtain sensitive information. This...

privoxy -- malicious server spoofing as proxy vulnerability

Privoxy Developers reports: Proxy authentication headers are removed unless the new directive enable-proxy-authentication-forwarding is used. Forwarding the headers potentially allows malicious sites to trick the user into providing them with login information. Reported by Chris John Riley...

USN-1748-1: Thunderbird vulnerabilities

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers COW and System Only Wrappers SOW. If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or...

CVE-2012-0335

Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746...

Information disclosure

Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746...

CVE-2012-0335

Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746...

PT-2012-2509 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 7.2 through 8.4 Description: The issue allows remote attackers to obtain sensitive information via a connection attempt due to improper proxy authentication during attempts t...

Ubuntu Update for kde4libs USN-1248-1

Ubuntu Update for Linux kernel vulnerabilities USN-1248-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12481.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for kde4libs USN-1248-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Thi...