Lucene search
K

320 matches found

CVE
CVE
added 2018/08/23 7:0 p.m.68 views

CVE-2003-1605

CVE-2003-1605 affects curl 7.x before 7.10.7. The vulnerability arises when curl connects to a site via an HTTP proxy using CONNECT, causing the proxy username/password to be sent to the remote server. This can lead to credential leakage of proxy authentication data. Public documents consistently...

7.5CVSS7.5AI score0.01915EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/08/23 7:0 p.m.31 views

CVE-2003-1605

curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server...

7.5CVSS7.6AI score0.01915EPSS
Exploits0
Cvelist
Cvelist
added 2018/08/23 7:0 p.m.21 views

CVE-2003-1605

curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server...

7.6AI score0.01915EPSS
Exploits0References2
CNVD
CNVD
added 2018/03/05 12:0 a.m.2 views

commandline package update tool zypper proxy certificate write log file vulnerability

commandline package update tool zypper is a commandline tool for updating zypper packages. A security vulnerability exists in commandline package update tool zypper, which originates when the program writes HTTP proxy credentials to the log. A local attacker can use this vulnerability to gain...

4CVSS6.9AI score0.00337EPSS
Exploits0References1
OSV
OSV
added 2018/03/01 8:29 p.m.2 views

DEBIAN-CVE-2017-9271

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...

3.3CVSS5.4AI score0.00337EPSS
Exploits0References1
OSV
OSV
added 2018/03/01 8:29 p.m.2 views

UBUNTU-CVE-2017-9271

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...

4CVSS5.7AI score0.00337EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/03/01 7:0 p.m.32 views

CVE-2017-9271 proxy credentials written to log files by zypper

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...

4CVSS3.7AI score0.00337EPSS
Exploits0References3
CNVD
CNVD
added 2017/02/20 12:0 a.m.3 views

Puppet Enterprise Communication Protocol Denial of Service Vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture , it can be used to manage configuration files , users , cron tasks , packages , system services and so on. The Puppet Communications Protocol in Puppet Enterprise fails to properly validate the credentials ...

5.3CVSS6.8AI score0.00596EPSS
Exploits0References1
OSV
OSV
added 2016/11/03 6:35 a.m.5 views

USN-3121-1 openjdk-8 vulnerabilities

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An attacker could use this to bypass Java sandbox restrictions. CVE-2016-5582 It was discovered that OpenJDK did not restrict the set of algorithms used for...

9.6CVSS6.8AI score0.05437EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/01/28 12:0 a.m.35 views

Ubuntu 14.04 LTS : curl vulnerability (USN-2882-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2882-1 advisory. Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host. Tenable has extracted the...

7.3CVSS7.5AI score0.09327EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/01/28 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-2882-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.4AI score0.09327EPSS
Exploits0References2
OSV
OSV
added 2016/01/27 6:59 p.m.1 views

USN-2882-1 curl vulnerability

Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host...

7.3CVSS7.1AI score0.09327EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2011/08/18 6:55 p.m.1 views

CVE-2011-2990

The implementation of Content Security Policy CSP violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by...

5CVSS8.5AI score0.00961EPSS
Exploits1References7
CVE
CVE
added 2005/08/20 4:0 a.m.42 views

CVE-2004-2440

The CVE-2004-2440 entry concerns proxytunnel (pre-1.1.3) with an unspecified vulnerability in the cmdline.c component that allows a local attacker to obtain proxy credentials (username or password) of other users. Affected software is proxytunnel, version

2.1CVSS6.3AI score0.00345EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2005/08/20 4:0 a.m.13 views

CVE-2004-2440

Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials username or password of other users...

2.1CVSS6.1AI score0.00345EPSS
Exploits0
exploitpack
exploitpack
added 2005/04/07 12:0 a.m.13 views

FireFly 1.0 - Local Proxy Password Disclosure

FireFly 1.0 - Local Proxy Password Disclosure / FireFly v1.0 Local Exploit by Kozan Application: FireFly v1.0 Vendor: NetCruiser Software - www.netcruiser-software.com Vulnerable Description: FireFly v1.0 discloses proxy passwords to local users. Discovered & Coded by: Kozan Credits to ATmaCA Web...

7.4AI score
Exploits0
0day.today
0day.today
added 2005/02/26 12:0 a.m.23 views

eXeem 0.21 Local Password Disclosure Exploit (asm)

Exploit for unknown platform in category local exploits ================================================== eXeem 0.21 Local Password Disclosure Exploit asm ================================================== ;Nothing Special other than the program doesnt encode the proxy info. .386 .model flat,...

6.8AI score
Exploits0
OSV
OSV
added 2004/12/31 5:0 a.m.1 views

DEBIAN-CVE-2004-2440

Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials username or password of other users...

2.1CVSS6.5AI score0.00345EPSS
Exploits0References1
OSV
OSV
added 2004/12/31 5:0 a.m.4 views

CVE-2004-2440

Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials username or password of other users...

6.5AI score
Exploits0References6
OSV
OSV
added 2002/07/26 4:0 a.m.3 views

DEBIAN-CVE-2002-0715

Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password...

5CVSS6.9AI score0.02303EPSS
Exploits0References1
Rows per page
Query Builder