1326 matches found

Mozilla
added 2009/06/11 12:0 a.m. | 38 views

SSL tampering via non-200 responses to proxy CONNECT requests — Mozilla

Microsoft security researchers Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang reported that when a CONNECT request is sent to a proxy server and a non-200 response is returned, then the body of the response is incorrectly rendered within the context of the request Host: header. An active...

CVSS 6.8 | AI score 0.5 | EPSS 0.02032
Exploits 1 | References 2 | Affected Software 3

OpenVAS
added 2009/03/26 12:0 a.m. | 35 views

Qbik WinGate HTTP Proxy Server Access Controls Bypass Vulnerability

This host is running WinGate HTTP Proxy Server and is prone to access controls bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodwingatehttpproxyservaclbypassvuln.nasl 5390 2017-02-21 18:39:27Z mime $ Qbik WinGate HTTP Proxy Server Access Controls Bypass Vulnerability Authors: Sharath S...

CVSS 5.4 | AI score 6.7 | EPSS 0.02424
Exploits 0 | References 2

Prion
added 2009/02/17 5:30 p.m. | 19 views

Design/Logic Flaw

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

CVSS 7.8 | AI score 7.2 | EPSS 0.02542
Exploits 1 | References 4 | Affected Software 1

Cvelist
added 2009/02/17 5:0 p.m. | 36 views

CVE-2009-0609

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

AI score 6.6 | EPSS 0.02542
Exploits 1 | References 4

CVE
added 2009/02/17 5:0 p.m. | 57 views

CVE-2009-0609

CVE-2009-0609 affects Sun Java System Directory Proxy Server (within Sun Java System Directory Server Enterprise Edition) versions 6.0–6.3. When a JDBC data source is used, the server does not properly handle (1) a long value in an ADD or (2) long string attributes, enabling remote attackers to c...

CVSS 7.8 | AI score 6.8 | EPSS 0.02542
Exploits 1 | References 4 | Affected Software 1

Fedora
added 2009/02/12 8:37 p.m. | 29 views

[SECURITY] Fedora 10 Update: squid-3.0.STABLE13-1.fc10

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

CVSS 5 | AI score 6.3 | EPSS 0.71986
Exploits 8

NVD
added 2009/02/10 7:0 a.m. | 19 views

CVE-2009-0468

Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a...

CVSS 6.8 | AI score 7.2 | EPSS 0.00966
Exploits 1 | References 4

Prion
added 2009/02/10 7:0 a.m. | 18 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a...

CVSS 6.8 | AI score 7.7 | EPSS 0.00966
Exploits 1 | References 4 | Affected Software 1

seebug.org
added 2008/10/20 12:0 a.m. | 34 views

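Sun Java System Web Proxy Server FTP Subsystem Heap Overflow Vulnerability

BUGTRAQ ID: 31691 CVE(CAN) ID: CVE-2008-4541 Sun Java System Web Proxy Server is a web-based proxy server program. The FTP subsystem of Sun Java Web Proxy Server does not correctly handle FTP resources. If a remote attacker sends a malicious HTTP GET request to a vulnerable server, a heap overflow can be triggered, leading to arbitrary code execution. Sun Java System Web Proxy Server 4.0 - 4.0.7 Sun has released a security advisory (Sun-Alert-242986) and corresponding patches for this: Sun-Alert-242986:A Heap...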

CVSS 10 | AI score 6.4 | EPSS 0.08439
Exploits 1

OpenVAS
added 2008/10/16 12:0 a.m. | 28 views

Sun Java System Web Proxy Server Two Vulnerabilities (Linux)

This host has Sun Java Web Proxy Server running, which is prone to heap buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavawebporxysvrvulnlin.nasl 7174 2017-09-18 11:48:08Z asteins $ Sun Java System Web Proxy Server Two Vulnerabilities Linux Authors: Chandan S Copyright:...

CVSS 10 | AI score 0.4 | EPSS 0.08439
Exploits 1 | References 4

securityvulns
added 2008/10/16 12:0 a.m. | 173 views

iDefense Security Advisory 10.14.08: Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow

iDefense Security Advisory 10.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 09, 2008 I. BACKGROUND Sun Microsystems Inc's Java System is a collection of server applications bundled together. One such server application included is the Web Proxy Server. This software implements...

CVSS 10 | EPSS 0.08439
Exploits 1

OpenVAS
added 2008/10/16 12:0 a.m. | 27 views

Sun Java System Web Proxy Server Vulnerabilities (Windows)

This host has Sun Java Web Proxy Server running, which is prone to heap buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavawebporxysvrvulnwin.nasl 6605 2017-07-07 11:22:07Z cfischer $ Sun Java System Web Proxy Server Vulnerabilities Windows Authors: Chandan S Copyright:...

CVSS 10 | AI score 0.4 | EPSS 0.08439
Exploits 1 | References 4

OpenVAS
added 2008/10/16 12:0 a.m. | 18 views

Sun Java System Web Proxy Server < 4.0.8 Multiple Vulnerabilities - Linux

Sun Java Web Proxy Server is prone to a heap buffer overflow vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 6.9 | EPSS 0.08439
Exploits 1 | References 5

Prion
added 2008/10/13 8:0 p.m. | 22 views

Heap overflow

Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request...

CVSS 10 | AI score 8.5 | EPSS 0.08439
Exploits 1 | References 7 | Affected Software 1

CVE
added 2008/10/13 6:0 p.m. | 76 views

CVE-2008-4541

Sun Java System Web Proxy Server (Sun Microsystems) is affected by CVE-2008-4541 due to a heap-based buffer overflow in the FTP subsystem. The vulnerability exists in versions 4.0 through 4.0.7 and can be triggered by processing a crafted HTTP GET request, potentially allowing remote code executi...

CVSS 10 | AI score 7.8 | EPSS 0.08439
Exploits 1 | References 7 | Affected Software 1

Cvelist
added 2008/10/13 6:0 p.m. | 43 views

CVE-2008-4541

Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request...

AI score 7.8 | EPSS 0.08439
Exploits 1 | References 7

Kaspersky
added 2008/10/13 12:0 a.m. | 47 views

KLA10346 ACE vulnerability in Java System Web Proxy Server

A buffer overflow was found in the Java System Web Proxy Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed GET request. Original advisories - Related products Sun-Java-System-Web-Proxy-Server...

CVSS 10 | AI score 7.8 | EPSS 0.08439
Exploits 1 | References 2

OSV
added 2008/10/07 12:0 a.m. | 20 views

DSA-1646-2 squid - array bounds check

Bulletin has no description...

CVSS 5 | AI score 6.3 | EPSS 0.26858
Exploits 3

OpenVAS
added 2008/09/24 12:0 a.m. | 17 views

Gentoo Security Advisory GLSA 200505-02 (oops)

The remote host is missing updates announced in advisory GLSA 200505-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 5 | AI score 0.3 | EPSS 0.02298
Exploits 1

OpenVAS
added 2008/09/24 12:0 a.m. | 11 views

Gentoo Security Advisory GLSA 200505-02 (oops)

The remote host is missing updates announced in advisory GLSA 200505-02. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.7 | EPSS 0.02298
Exploits 1 | References 3