61 matches found
Slackware: Security Advisory (SSA:2016-039-01)
The remote host is missing an update for the...
ALPINE-CVE-2021-28363
The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn't given via proxy_config) doesn't verify the hostname of the certificate. This means certificates for...
CWA for Android: Fail to Launch Apps and Desktops
Applications are enumerated correctly, but when you try to launch apps, it fails to connect. The error logged during launch is "javax.net.ssl.SSLPeerUnverifiedException: Check that all CAs are compliant and are installed properly". Full trace ======= "2021-01-20T06:57:18.559+0530","TCPSocketFactory","INFO...
MGASA-2020-0118 Updated glib2.0 packages fix security vulnerability
The updated packages fix a security vulnerability: GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may...
nodejs: HTTP request smuggling using malformed Transfer-Encoding header
A flaw was found in the Node.js code where a specially crafted HTTP(s) request sent to a Node.js server failed to properly process the HTTP(s) headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is...
CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...
TitanHQ WebTitan has an unspecified vulnerability (CNVD-2019-44519)
TitanHQ WebTitan is a web content filter from TitanHQ Ireland. A security vulnerability exists in TitanHQ WebTitan versions prior to 5.18. The vulnerability can be exploited by an attacker to take full control of the device database by connecting to the database via a proxy (no password required)...
openSUSE Security Update : hylafax+ (openSUSE-2019-711)
This update for hylafax+ fixes the following issues: Security issues fixed in 5.6.1: - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format. Specially crafted input may have allowed remote execution of arbitrary code (boo#1109084). Additionally, this update also...
Troubleshooting XenCenter Proxy Authentication Issues
XenCenter does not connect to a proxy server: One common problem with using a proxy server is that the client (XenCenter) can’t connect to it. You may receive the following error when trying to connect to a XenServer host after configuring to use a proxy server in XenCenter: You may also receive the...
Secure Mail Error: "Access to company is not currently available"
Worx/Secure Mail Error: "Access to your company is not currently available" Errors found in the client logs: AGTunnel fails to start when attempting to proxy traffic from the NSG " 2016-11-14T11:22:11.535+0000 ",AGTunneler ,WARNING 3,"Failed to read in AGSOCKSClient, err = -8000...
Putty 0.67 Cleartext Password Storage
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PUTTY.EXE-INSECURE-PASSWORD-STORAGE.txt + ISR: ApparitionSec Vendor: ========================== www.chiark.greenend.org.uk Product: =========== Putty.exe v0.67 PuTTY is a free...
Fedora 22 : curl-7.40.0-8.fc22 (2016-3fa315a5dd)
match credentials when re-using a proxy connection CVE-2016-0755 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
curl: Security update (CVE-2016-0755)
The curl package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to a reported security issue. VERSION 7.40.0-3 = 7.40.0-3.1 CHANGELOG Wed, 2 Mar 2016 09:51:47 +0000 0914eea Bump pkg revision Tue, 1 Mar 2016 22:42:51 +0000 380df1a This fixes the following security...
CURL-CVE-2016-0755 NTLM credentials not-checked for proxy connection reuse
libcurl reuses NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. libcurl maintains a pool of connections after a transfer has completed. The pool of connections is then gone through when a ne...
Empire: a PowerShell post-exploitation agent tool - vulnerability warning - the black bar safety net
Empire is a pure PowerShell post-exploitation agent tool built on cryptography, secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, and offers rapidly deployable post-exploitation modules, from keyloggers to...
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...
[SECURITY] Fedora 18 Update: socat-1.7.2.2-1.fc18
Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (serial line etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.),...
Moderate: Red Hat Security Advisory: squid security and bug fix update
Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Code injection
Red Hat Network (RHN) Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to (1) obtain unspecified sensitive host information or (2) use the server as an inadvertent proxy to connect to arbitrary services and IP addresses via unspecified vectors...
Design/Logic Flaw
Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as demonstrated by a prox...