320 matches found
CVE-2003-1605
CVE-2003-1605 affects curl 7.x before 7.10.7. The vulnerability arises when curl connects to a site via an HTTP proxy using CONNECT, causing the proxy username/password to be sent to the remote server. This can lead to credential leakage of proxy authentication data. Public documents consistently...
CVE-2003-1605
curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server...
CVE-2003-1605
curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server...
commandline package update tool zypper proxy certificate write log file vulnerability
commandline package update tool zypper is a commandline tool for updating zypper packages. A security vulnerability exists in commandline package update tool zypper, which originates when the program writes HTTP proxy credentials to the log. A local attacker can use this vulnerability to gain...
DEBIAN-CVE-2017-9271
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...
UBUNTU-CVE-2017-9271
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...
CVE-2017-9271 proxy credentials written to log files by zypper
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...
Puppet Enterprise Communication Protocol Denial of Service Vulnerability
Puppet is a set of configuration management tools based on client/server C/S architecture , it can be used to manage configuration files , users , cron tasks , packages , system services and so on. The Puppet Communications Protocol in Puppet Enterprise fails to properly validate the credentials ...
USN-3121-1 openjdk-8 vulnerabilities
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An attacker could use this to bypass Java sandbox restrictions. CVE-2016-5582 It was discovered that OpenJDK did not restrict the set of algorithms used for...
Ubuntu 14.04 LTS : curl vulnerability (USN-2882-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2882-1 advisory. Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host. Tenable has extracted the...
Ubuntu: Security Advisory (USN-2882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2882-1 curl vulnerability
Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host...
CVE-2011-2990
The implementation of Content Security Policy CSP violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by...
CVE-2004-2440
The CVE-2004-2440 entry concerns proxytunnel (pre-1.1.3) with an unspecified vulnerability in the cmdline.c component that allows a local attacker to obtain proxy credentials (username or password) of other users. Affected software is proxytunnel, version
CVE-2004-2440
Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials username or password of other users...
FireFly 1.0 - Local Proxy Password Disclosure
FireFly 1.0 - Local Proxy Password Disclosure / FireFly v1.0 Local Exploit by Kozan Application: FireFly v1.0 Vendor: NetCruiser Software - www.netcruiser-software.com Vulnerable Description: FireFly v1.0 discloses proxy passwords to local users. Discovered & Coded by: Kozan Credits to ATmaCA Web...
eXeem 0.21 Local Password Disclosure Exploit (asm)
Exploit for unknown platform in category local exploits ================================================== eXeem 0.21 Local Password Disclosure Exploit asm ================================================== ;Nothing Special other than the program doesnt encode the proxy info. .386 .model flat,...
DEBIAN-CVE-2004-2440
Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials username or password of other users...
CVE-2004-2440
Unspecified vulnerability in cmdline.c in proxytunnel 1.1.3 and earlier allows local users to obtain proxy credentials username or password of other users...
DEBIAN-CVE-2002-0715
Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password...