1326 matches found
CentOS 3 / 4 : sysreport (CESA-2005:502)
An updated sysreport package that fixes an information disclosure flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team Sysreport is a utility that gathers information about a system's hardware and configuration. The information...
MS06-029: Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442)
The remote host is running a version of the Outlook Web Access that contains cross-site scripting flaws. This vulnerability could allow an attacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts to...
WinGate < 6.1.3 POST Request Buffer Overflow
Binary data 3642.prm...
WinGate POST Request Buffer Overflow
The remote host appears to be running WinGate Proxy Server, a Windows application for managing and securing Internet access. According to its banner, the version of WinGate installed on the remote host is affected by a buffer overflow vulnerability in its HTTP proxy service. An attacker with acce...
WinGate proxy server buffer overflow
Buffer overflow on oversized POST request...
DEBIAN-CVE-2006-2786
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2005-4806
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service unresponsive service via unknown vectors...
CVE-2005-4806
CVE-2005-4806 affects Sun Java System Web Proxy Server 3.6 SP7 and earlier. The vulnerability is described as multiple unspecified remote vulnerabilities that allow an attacker to cause a denial of service (unresponsive service) via unknown vectors. The provided sources identify the affected prod...
Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"
IE + some popular forward proxy servers = XSS, defacement browser cache poisoning Or "Exploiting the XmlHttpRequest object in IE" part II Amit Klein, May 2006 Preface ======= When I published my Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." 1 paper, I only...
To shadowless go without a trace anonymous breakthrough network limit-vulnerability warning-the black bar safety net
Network management as the name suggests, is every pipe of the network, and tried various means to restrict our Internet access people. In the network established all sorts of rules, don't download, don't use IM, not allowed to access the restricted site, etc., so we can't enjoy the Internet bring...
Moderate: Red Hat Security Advisory: squid security update
Updated squid packages that fix a security vulnerability as well as several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HT...
squid security update
CentOS Errata and Security Advisory CESA-2006:0052 An updated squid package that fixes a security vulnerability as well as several issues is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Squid is a high-performance proxy cachin...
Novell Bordermanager proxy server DoS
No description provided...
RHEL 4 : squid (RHSA-2006:0052)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2006:0052 advisory. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. A denial of service flaw was found i...
[SA18753] e/pop Web Conferencing Topic Name Script Insertion
TITLE: e/pop Web Conferencing Topic Name Script Insertion SECUNIA ADVISORY ID: SA18753 VERIFY ADVISORY: http://secunia.com/advisories/18753/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: e/pop Web Conferencing 4.x http://secunia.com/product/7962/ DESCRIPTION:...
Blue Coat ProxySG proxy server protection bypass
It's possible to bypass target port limitations with HTTP CONNECT method...
Technical Note by Amit Klein: "XST Strikes Back"
Technical note XST Strikes Back or perhaps "Return from the Proxy"... Amit Klein, January 2006 Introduction ============ About three years ago, the concept of "Cross Site Tracing" 1 was introduced to the web application security community. In essence, the classic XST is about amplifying an existi...
CVE-2006-0144
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function...
CVE-2006-0144
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function...
Code injection
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function...