1317 matches found
Sun Java System Web Server 6.1/7.0 Digest Authentication Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37896/info Sun Java System Web Server is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute...
Oops Proxy Server 1.4.22 Buffer Overflow Vulnerabilities (1)
No description provided by source. source: http://www.securityfocus.com/bid/2099/info Oops is a freely available proxy server package, written by Igor Khasilev. A problem exists in the package which could allow for the arbitrary execution of code. Multiple buffer overflows exist in this product. ...
ETL Delegate 5.9.x/6.0.x Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/808/info The Delegate proxy server from ElectroTechnical Laboratory has numerous (several hundred, according to the original poster) unchecked buffers that could be exploited to remotely compromise the server. / delefate.c...
CVE-2014-2503
Summary (CVE-2014-2503) : EMC Documentum Digital Asset Manager (DAM) 6.5 SP3/SP4/SP5/SP6 before P13 is affected by a Blind DQL injection via the thumbnail proxy server, allowing remote attackers to bypass query restrictions. The issue arises from how a crafted URL query parameter is processed, en...
squid security update
CentOS Errata and Security Advisory CESA-2014:0597 Updated squid packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base scor...
Factlink: Anonymous Proxy and IP leak
http://fct.li/?url=whatismyipaddress.com Hacker can surf internet via FACTLINK proxy server...
webEdition CMS 2.8.0.0 Remote Command Execution
Advisory: Remote Command Execution in webEdition CMS Installer Script RedTeam Pentesting discovered a remote command execution vulnerability in the installer script of the webEdition CMS during a penetration test. If the installer script is not manually removed after installation, attackers canno...
CVE-2014-3015
Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 through 9.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 through 9.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
CVE-2014-3015
CVE-2014-3015 affects IBM Sametime Proxy Server and Web Client 9.0 through 9.0.0.1. The Web player component is vulnerable to cross-site request forgery (CSRF), enabling remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. The vulnerability orig...
Oracle iPlanet Web Proxy Server 4.0 < 4.0.23 Unspecified Vulnerability
The remote host has a version of Oracle iPlanet Web Proxy Server (formerly Sun Java System Web Proxy Server) 4.0 prior to 4.0.23. It is, therefore, affected by an unspecified vulnerability related to Administration. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(72035);...
Oracle iPlanet Web Proxy Server Detection
Binary data iplanetwebproxyinstalled.nbin...
CVE-2013-5808
Unspecified vulnerability in the Oracle iPlanet Web Proxy Server component in Oracle Fusion Middleware 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Administration...
Design/Logic Flaw
Unspecified vulnerability in the Oracle iPlanet Web Proxy Server component in Oracle Fusion Middleware 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Administration...
CVE-2013-5808
CVE-2013-5808 affects Oracle iPlanet Web Proxy Server 4.0 prior to 4.0.23 (Sun Java System Web Proxy Server). The vulnerability is described as unspecified and related to Administration. The Nessus/NVD records indicate a remote, network-exposed issue with a low base score (CVSS v2: 2.6, Confidenti...
CVE-2013-5808
Unspecified vulnerability in the Oracle iPlanet Web Proxy Server component in Oracle Fusion Middleware 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Administration...
CVE-2013-4522
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
Design/Logic Flaw
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...
CVE-2013-4522
CVE-2013-4522 affects Moodle: lib/filelib.php (various 2.2–2.5 branches) fails to send Cache-Control: private headers, enabling a caching proxy to serve previously retrieved files and potentially expose sensitive information. Impact is information exposure via cached responses; no exploit details...
CVE-2013-4522
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...