
1317 matches found

OSV
added 2019/09/26 4:15 p.m. | 28 views

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer dereference. This vulnerability could only be triggered by a trusted pro...

7.2 CVSS | 7 AI score
Exploits 0 | References 17
Cvelist
added 2019/09/23 4:37 p.m. | 14 views

CVE-2019-15635

An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, th...

5.1 AI score | 0.00121 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2019/09/05 12:0 a.m. | 41 views

Oracle Linux 8 : squid:4 (ELSA-2019-2593)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2593 advisory. libecap 1.0.1-2 - Resolves: 1696354 - Ensure modular RPM upgrade path squid 7:4.4-5 - Resolves: 1744672 - CVE-2019-12527 squid:4/squid: heap-based buffer overfl...

8.8 CVSS | 7.1 AI score | 0.1216 EPSS
Exploits 0 | References 2
RedHat Linux
added 2019/09/03 1:56 a.m. | 141 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

8.8 CVSS | 6.9 AI score | 0.1216 EPSS
Exploits 0 | References 2
AlmaLinux
added 2019/09/02 10:22 a.m. | 32 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: heap-based buffer overflow in HttpHeader::getAuth (CVE-2019-12527). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

8.8 CVSS | 0.8 AI score | 0.1216 EPSS
Exploits 0 | References 2
OSV
added 2019/09/02 10:22 a.m. | 18 views

ALSA-2019:2593 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: heap-based buffer overflow in HttpHeader::getAuth (CVE-2019-12527). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

8.8 CVSS | 9.5 AI score | 0.1216 EPSS
Exploits 0 | References 2
BDU FSTEC
added 2019/08/20 12:0 a.m. | 2 views

The vulnerability of the proxy server used in software tools for managing Red Hat Satellite and Spacewalk systems allows a hacker to execute arbitrary code.

The vulnerability of the proxy server used in software solutions for managing Red Hat Satellite and Spacewalk systems is related to incorrect restrictions on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10 CVSS | 6 AI score | 0.0715 EPSS
Exploits 0 | References 4 | Affected Software 2
OpenVAS
added 2019/08/14 12:0 a.m. | 37 views

Fedora Update for squid FEDORA-2019-cb50bcc189

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS | 8.1 AI score | 0.54551 EPSS
Exploits 1 | References 2
Kitploit
added 2019/08/02 1:8 p.m. | 114 views

W13Scan - Passive Security Scanner

W13scan is a proxy-based web scanner that runs on Linux/Windows/Mac systems. Begin Demo Pure Python and Python version = 3 Can you use star to encourage the author ? Install pip3 install w13scan Usage help w13scan -h running w13scan -s 127.0.0.1:7778 HTTPS Support If you want w13scan to support...

7.2 AI score
Exploits 0 | References 1
Cvelist
added 2019/07/30 8:19 p.m. | 16 views

CVE-2019-5456

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version = 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later...

8.1 AI score | 0.00354 EPSS
Exploits 0 | References 4
BDU FSTEC
added 2019/07/16 12:0 a.m. | 1 views

The vulnerability of the Cisco AsyncOS operating system proxy server allows attackers to cause service interruptions for Cisco Web Security Appliance web servers.

The vulnerability of the Cisco AsyncOS operating system’s proxy server for Cisco Web Security Appliance products exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending malicious HTTP/HTTPS requests...

7.7 CVSS | 5.5 AI score | 0.00356 EPSS
Exploits 0 | References 3 | Affected Software 1
CNVD
added 2019/07/15 12:0 a.m. | 1 views

Squid Buffer Overflow Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A buffer overflow vulnerability exists in Squid versions 4.0.23 through 4.7. The vulnerability originates when a netwo...

8.8 CVSS | 6.7 AI score | 0.1216 EPSS
Exploits 0 | References 1
Kitploit
added 2019/06/28 1:5 p.m. | 38 views

PivotSuite - A Network Pivoting Toolkit

PivotSuite is a portable, platform independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. PivotSuite as a Server : If the...

7.7 AI score
Exploits 0 | References 1
Imperva Blog
added 2019/06/27 6:54 p.m. | 379 views

Personalized Customer Support that Garners a Personalized Thank You

In my two-plus years as a Technical Support Engineer at Imperva, I’ve handled a wide variety of customer cases. And I’ve had the satisfaction of helping resolve them quickly and successfully. But never before have I received a handwritten thank you note from an effusive customer. Let me start at...

7.2 AI score
Exploits 0
BDU FSTEC
added 2019/05/16 12:0 a.m. | 2 views

The vulnerability of the Cisco AsyncOS operating system proxy server of Cisco Web Security Appliance allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco AsyncOS operating system’s proxy server for Cisco Web Security Appliance products exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending corrupted HTTP or HTTPS requests t...

8.6 CVSS | 7.4 AI score | 0.0065 EPSS
Exploits 0 | References 3 | Affected Software 1
The Hacker News
added 2019/05/10 10:4 a.m. | 112 views

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data

The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to...

1.3 AI score
Exploits 0
Veracode
added 2019/05/02 4:52 a.m. | 28 views

Man-in-the-Middle (MitM)

firefox/thunderbird is vulnerable to man-in-the-middle attacks. The address bar can be spoofed by operating a proxy server that provides a 407 HTTP status code accompanied by a malicious web script...

4 CVSS | 6 AI score | 0.00653 EPSS
Exploits 0 | References 15 | Affected Software 6
Hacker One
added 2019/04/17 7:20 p.m. | 34 views

Node.js third-party modules: [https-proxy-agent] Socket returned without TLS upgrade on non-200 CONNECT response, allowing request data to be sent over unencrypted connection

I would like to report a man-in-the-middle vulnerability in https-proxy-agent. It allows an attacker with access to the network firewall or targeted proxy server to obtain secrets e.g. a HTTP basic auth header from the client trying to send HTTPS traffic via HTTP proxy. Module module name:...

7.2 AI score
Exploits 0
Kitploit
added 2019/03/28 8:40 p.m. | 105 views

Reconerator - C# Targeted Attack Reconnaissance Tools

This is a custom .NET assembly which will perform a number of situational awareness activities. There are a number of current featuresets: BASIC - Obtains information from the disk and registry. LDAP - Allows customised AD LDAP queries to be made. RESOLVEHOST - Performs DNS lookup queries...

7.1 AI score
Exploits 0 | References 1
NVD
added 2019/03/21 4:1 p.m. | 13 views

CVE-2019-9867

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The proxy server password is displayed to an administrator...

7.2 CVSS | 7 AI score | 0.00253 EPSS
Exploits 0 | References 2