1319 matches found
The vulnerability of the Nginx proxy server allows attackers to induce a service failure.
The vulnerability of the Nginx proxy server is related to pointer dereferencing errors. Exploiting this vulnerability allows a malicious actor to cause a service failure incorrect pointer dereferencing and emergency termination of operations through a specially crafted UDP DNS response...
The vulnerability of the Squid proxy server allows a hacker to cause a service failure.
The vulnerability of the http.cc function in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to cause a service failure—such as the appearance of an “Assertion failure” message and the termination of the...
Squid Denial of Service Vulnerability (CNVD-2016-01442)
Squid full name Squid Cache is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in the http.cc file in Squid versions 3.x prior to 3.5.15 and 4....
openstack-swift: Proxy to server DoS through Large Objects
A memory-leak issue was found in OpenStack Object Storage swift, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...
nginx denial of service vulnerability (CNVD-2016-00982)
nginx is an HTTP and reverse proxy server that can also be used as a mail proxy server. A security vulnerability exists in nginx that allows remote attackers to submit special requests for denial of service attacks...
IBM WebSphere Application Server DoS Vulnerability (Jan 2016)
IBM WebSphere Application Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
proxy.thai.we.bs Open Redirect vulnerability
Vulnerable URL: http://proxy.thai.we.bs/counthits.php?url=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 06.04.2016 Latest check for patch:| 06.04.2016 12:29 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
ICMP IP Tunnel: ICMPTunnel
icmptunnel works by encapsulating your IP traffic in ICMP echo packets and sending them to your own proxy server. The proxy server decapsulates the packet and forwards the IP traffic. The incoming IP packets which are destined for the client are again encapsulated in ICMP reply packets and sent...
[SECURITY] Fedora 23 Update: squid-3.5.9-7.fc23
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
Design/Logic Flaw
IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially sensitive information about the proxy-server software by reading the HTTP Via header...
CVE-2015-3153
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents...
CVE-2015-3153
Technical details for CVE-2015-3153 are not provided in the connected documents. Monitor for updates; the available material only includes the initial summary of impact without vendor/product specifics.
UBUNTU-CVE-2015-3153
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information by reading the header contents...
DSA-3240-1 curl - security update
Bulletin has no description...
Debian Security Advisory DSA 3240-1 (curl - security update)
It was discovered that cURL, an URL transfer library, if configured to use a proxy server with the HTTPS protocol, by default could send to the proxy the same HTTP headers it sends to the destination server, possibly leaking sensitive information. OpenVAS Vulnerability Test $Id: deb3240.nasl 6609...
Oracle iPlanet Web Proxy Server 4.0 < 4.0.25 NSS Signature Verification Vulnerability
According to its self-reported version, the Oracle iPlanet Web Proxy Server installed on the remote host is version 4.0 prior to 4.0.25. It is, therefore, affected by a flaw in the Network Security Services NSS library due to improper parsing of ASN.1 values in an RSA signature. A man-in-the-midd...
Code injection
net/http/proxyclientsocket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 aka Proxy Authentication Required HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response...
Ubuntu 14.04 LTS : curl vulnerability (USN-2474-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2474-1 advisory. Andrey Labunets discovered that curl incorrectly handled certain URLs when using a proxy server. If a user or automated system were tricked into using a specially...
USN-2474-1: curl vulnerability
Andrey Labunets discovered that curl incorrectly handled certain URLs when using a proxy server. If a user or automated system were tricked into using a specially crafted URL, an attacker could possibly use this issue to inject arbitrary HTTP requests...
Multiple Remote Code Execution Vulnerabilities in Privoxy
Privoxy is a proxy server with filtering for HTTP and HTTPS protocols, often used in combination with Tor. Privoxy suffers from multiple remote code execution vulnerabilities that can be exploited by an attacker to execute arbitrary code in the context of a user running an affected application. o...