Anon Proxy Server buffer overflow

Buffer overflow on oversized username with double quote characters...

Anon Proxy Server 0.1000.102 - Remote Authentication Buffer Overflow

Anon Proxy Server 0.1000.102 - Remote Authentication Buffer Overflow source: https://www.securityfocus.com/bid/27593/info Anon Proxy Server is prone to a remote buffer-overflow vulnerability because the application fails to sufficiently bounds-check user-supplied input. Successful exploits allow...

Anon Proxy Server 0.100/0.102 - Remote Authentication Buffer Overflow

source: https://www.securityfocus.com/bid/27593/info Anon Proxy Server is prone to a remote buffer-overflow vulnerability because the application fails to sufficiently bounds-check user-supplied input. Successful exploits allow remote attackers to execute arbitrary code in the context of the...

Debian: Security Advisory (DSA-726-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

squid security update

CentOS Errata and Security Advisory CESA-2007:1130-04 Updated squid packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Squid is a high-performance...

Squid: Denial of service

Background Squid is a multi-protocol proxy server. Description The Wikimedia Foundation reported a memory leak vulnerability when performing cache updates. Impact A remote attacker could perform numerous specially crafted requests to the vulnerable server, resulting in a Denial of Service...

Jetty fails to properly process URLs that contain double / characters

Overview The Jetty web server contains a vulnerability that may allow an attacker to access private files or directories. Description Jetty is a web server that is implemented in Java. Jetty contains a vulnerability in the way it processes URLs with multiple "/" slash characters. See the Jetty...

Cross site scripting

Cross-site scripting XSS vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309...

Cross site scripting

Cross-site scripting XSS vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246...

Cross site scripting

Cross-site scripting XSS vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356...

CVE-2007-6570

Cross-site scripting XSS vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309...

CVE-2007-6571

Cross-site scripting XSS vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356...

CVE-2007-6569

Cross-site scripting XSS vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246...

CVE-2007-6570

CVE-2007-6570 describes a Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server’s View URL Database functionality. Affected software versions are Sun Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11. The vulnerability allows remote attackers to inject arbitrary web...

CVE-2007-6569

Sun Java System Web Proxy Server 4.x (and Web Server) are vulnerable to cross-site scripting in the View Error Log/related log-viewing function (BugID 6566246). The JVN entry confirms the issue is a client-side script injection via unspecified vectors, affecting the Web Server and Web Proxy Serve...

CVE-2007-6571

CVE-2007-6571 describes a cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected product/version: Sun Java System Web Proxy Server 3.6 prior to SP11...

JVN#89292430 Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server

Sun Java System Web Server and Sun Java System Web Proxy Server, which are both web servers, provide a function for a user to view access logs and other records in a web browser. This function is vulnerable to cross-site scripting. Impact An arbitrary script can be executed on the user's web...

CVE-2007-6459

Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the host parameter to diagdns.php, and 2 the host parameter and possibly 3 the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460...

CVE-2007-6460

Multiple cross-site scripting XSS vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by 1 log.php or 2 logerror.php, a different vulnerability than CVE-2007-6459...

CVE-2007-6459

Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the host parameter to diagdns.php, and 2 the host parameter and possibly 3 the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460...