1326 matches found
SSL tampering via non-200 responses to proxy CONNECT requests — Mozilla
Microsoft security researchers Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang reported that when a CONNECT request is sent to a proxy server and a non-200 response is returned, then the body of the response is incorrectly rendered within the context of the request Host: header. An active...
Qbik WinGate HTTP Proxy Server Access Controls Bypass Vulnerability
This host is running WinGate HTTP Proxy Server and is prone to access controls bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodwingatehttpproxyservaclbypassvuln.nasl 5390 2017-02-21 18:39:27Z mime $ Qbik WinGate HTTP Proxy Server Access Controls Bypass Vulnerability Authors: Sharath S...
Design/Logic Flaw
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend...
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend...
CVE-2009-0609
CVE-2009-0609 affects Sun Java System Directory Proxy Server (within Sun Java System Directory Server Enterprise Edition) versions 6.0–6.3. When a JDBC data source is used, the server does not properly handle (1) a long value in an ADD or (2) long string attributes, enabling remote attackers to c...
[SECURITY] Fedora 10 Update: squid-3.0.STABLE13-1.fc10
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
CVE-2009-0468
Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a...
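Sun Java System Web Proxy Server FTP Subsystem Heap Overflow Vulnerability
BUGTRAQ ID: 31691 CVE(CAN) ID: CVE-2008-4541 Sun Java System Web Proxy Server is a web-based proxy service program. The FTP subsystem of Sun Java Web Proxy Server does not correctly handle FTP resources. If a remote attacker sends a malicious HTTP GET request to a vulnerable server, a heap overflow can be triggered, leading to execution of arbitrary instructions. Sun Java System Web Proxy Server 4.0 - 4.0.7 Sun has released a security bulletin (Sun-Alert-242986) and corresponding patches for this: Sun-Alert-242986:A Heap...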
Sun Java System Web Proxy Server Two Vulnerabilities (Linux)
This host has Sun Java Web Proxy Server running, which is prone to heap buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavawebporxysvrvulnlin.nasl 7174 2017-09-18 11:48:08Z asteins $ Sun Java System Web Proxy Server Two Vulnerabilities Linux Authors: Chandan S Copyright:...
iDefense Security Advisory 10.14.08: Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow
iDefense Security Advisory 10.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 09, 2008 I. BACKGROUND Sun Microsystems Inc's Java System is a collection of server applications bundled together. One such server application included is the Web Proxy Server. This software implements...
Sun Java System Web Proxy Server Vulnerabilities (Windows)
This host has Sun Java Web Proxy Server running, which is prone to heap buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavawebporxysvrvulnwin.nasl 6605 2017-07-07 11:22:07Z cfischer $ Sun Java System Web Proxy Server Vulnerabilities Windows Authors: Chandan S Copyright:...
Sun Java System Web Proxy Server < 4.0.8 Multiple Vulnerabilities - Linux
Sun Java Web Proxy Server is prone to a heap buffer overflow vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Heap overflow
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request...
CVE-2008-4541
Sun Java System Web Proxy Server (Sun Microsystems) is affected by CVE-2008-4541 due to a heap-based buffer overflow in the FTP subsystem. The vulnerability exists in versions 4.0 through 4.0.7 and can be triggered by processing a crafted HTTP GET request, potentially allowing remote code executi...
CVE-2008-4541
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request...
KLA10346 ACE vulnerability in Java System Web Proxy Server
A buffer overflow was found in the Java System Web Proxy Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed GET request. Original advisories - Related products Sun-Java-System-Web-Proxy-Server...
DSA-1646-2 squid - array bounds check
Bulletin has no description...
Gentoo Security Advisory GLSA 200505-02 (oops)
The remote host is missing updates announced in advisory GLSA 200505-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200505-02 (oops)
The remote host is missing updates announced in advisory GLSA 200505-02. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...