200 matches found
CVE-2005-4827
CVE-2005-4827 affects Internet Explorer 6.0 (and possibly other versions). It describes a bypass of the same-origin policy by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) with a method name containing tab, newline, or carriage return characters, a pattern some proxies convert to s...
[SECURITY] Fedora Core 5 Update: wget-1.10.2-3.3.fc5
GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest wit...
security flaw
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
security flaw
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
security flaw
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2006-3412
Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers...
DEBIAN-CVE-2006-3412
Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers...
The network administrator and the attacker is a good helper for Wget using the detailed explanation-vulnerability warning-the black bar safety net
For a experience is not very rich attacker, worked extremely hard to get to the system management rights or the Telnet permissions later, often had to face such embarrassing scene: pour permissions what is the use For a system administrator, often to for system download some patch software or...
Design/Logic Flaw
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2006-2786
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2006-2786
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2006-2786
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2006-2786
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
CVE-2006-2786
CVE-2006-2786 is an HTTP response smuggling vulnerability affecting Mozilla Firefox and Thunderbird prior to 1.5.0.4. According to connected advisories, an attacker could craft responses that a proxy or header formatting could fool the client into treating as responses from two different sites, p...
CVE-2006-2786
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via 1 invalid HTTP response headers with spaces...
HTTP response smuggling — Mozilla
Kazuho Oku of Cybozu Labs reports via the Information-technology Promotion Agency, Japan, that Firefox is vulnerable to HTTP response smuggling when used with certain proxy servers...
Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"
IE + some popular forward proxy servers = XSS, defacement browser cache poisoning Or "Exploiting the XmlHttpRequest object in IE" part II Amit Klein, May 2006 Preface ======= When I published my Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." 1 paper, I only...
Breakthrough LAN on the Internet users some of the limitations-vulnerability warning-the black bar safety net
May now LAN online network user restrictions, such as not on some website, can't play certain games, not on MSN, port restrictions, etc., generally is through a proxy server on the software to be limiting, as will now talk about most of the ISA Server 2 0 0 4, or through hardware blank" the...
Multiple devices process HTTP requests inconsistently
Overview Multiple interconnected devices process valid HTTP request headers inconsistently and in this may manner may allow a remote attacker to poison a cache, conduct cross-site scripting attacks, and hijack user sessions. Attackers may use these flaws to launch a class of attacks referred to a...
msie4-persistent-connect.txt
Date: Fri, 22 Jan 1999 14:15:32 -0600 From: Joel Moses To: [email protected] Subject: IE4 Persistent Connection Bug Hi, everyone. Working with MCI/WorldCom, we've identified a problem with IE 4 which may or may not have security implications, but is definately naughty behavior, in our opinions...