Squid Proxy Cache Security Update Advisory (SQUID-2018:2) - Linux
Squid is vulnerable to a denial of service attack when processing ESI responses. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
CVE-2018-6824
Cozy version 2 contains an XSS vulnerability that lets an attacker obtain administrative access through JavaScript code in the url parameter sent to /api/proxy, demonstrated by an XMLHttpRequest using email:"[email protected]" which can be followed by a password reset. The connected documents ...
Debian DLA-1267-1 : squid security update
Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA certificate downloading. CVE-2018-1000027 Incorrect pointer handling resulted in the possibility of a remote client...
DEBIAN-CVE-2018-6560
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon...
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains an Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy. This attack appears to be exploitable via Remote server...
PHPFreeChat 1.7 - Denial of Service
PHPFreeChat 1.7 - Denial of Service Exploit Title: phpFreeChat 1.7 and earlier - Denial of Service Version: 1.7 and earlier Date: 21/01/2018 Vendor Homepage: http://www.phpfreechat.net Software Link: http://www.phpfreechat.net/download Exploit Author: A. Pakbaz CVE : CVE-2018-5954 1 $pid=pcntlfor...
Open WAN-to-LAN proxy on AT&T routers
The Arris NVG589 and NVG599 routers configured with AT&T U-verse firmware 9.2.2h0d83 expose an un-authenticated proxy that allows connecting from WAN to LAN by MAC address. #!/usr/bin/env python3 from metasploit import module, probescanner metadata = 'name': 'Open WAN-to-LAN proxy on AT&T routers',...
CVE-2017-7559
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that als...
GetGo Download Manager 5.3.0.2712 - Proxy Buffer Overflow
Exploit Title: Buffer overflow vulnerability in GetGo Download Manager proxy options 5.3.0.2712 Date: 01-02-2018 Tested on Windows 8 64 bits Exploit Author: devcoinfet Contact: https://twitter.com/wabefet Software Link:...
GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow
Exploit Title: Buffer overflow vulnerability in GetGo Download Manager proxy options 5.3.0.2712 Date: 01-02-2018 Tested on Windows 8 64 bits Exploit Author: devcoinfet Contact: https://twitter.com/wabefet Software Link: http://www.getgosoft.com/getgodm/ Category: webapps Attack Type: Remote Impac...
BtleJuice Framework - Bluetooth Smart (LE) Man-in-the-Middle Framework
BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices (also known as Bluetooth Low Energy). It is composed of: an interception core, an interception proxy, a dedicated web interface, and Python and Node.js bindings. How to install BtleJuice? Installing BtleJuice...
WhatWaf - Detect And Bypass Web Application Firewalls And Protection Systems
WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass or two for said firewall, on the specified target. Features Ability to run on a single URL with the...
GOWPT - Go Web Application Penetration Test
GOWPT is the younger brother of wfuzz, a Swiss army knife of WAPT. It allows pentesters to perform huge activity with no stress at all: just configure it and it's just a matter of clicks. How to install To install gowpt just type: make sudo make install Usage From the -h menu Usage of gowpt: -H valu...
Trend Micro OfficeScan Proxy Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro OfficeScan. Authentication is required to exploit this vulnerability. The specific flaw exists within the Web Console, which listens on TCP port 4343 by default. When parsing the tr...
Python Meterpreter Shell, Reverse HTTP Inline
Connect back to the attacker and spawn a Meterpreter shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python includ...
hot-odds.info Open Redirect vulnerability
Open Bug Bounty ID: OBB-418651

Description | Value
---|---
Affected Website: | hot-odds.info
Vulnerable Application: | Custom Code
Vulnerability Type: | Open Redirect / CWE-601
CVSSv3 Score: | 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N
Remediation Guide: | OWASP Open Redirect Cheat Sheet
Vulnerab...

VX Search 10.2.14 - Proxy Local Buffer Overflow (SEH)
#!/usr/bin/env python Exploit Title : VXSearch v10.2.14 Local SEH Overflow Date : 11/16/2017 Exploit Author : wetw0rk Vendor Homepage : http://www.flexense.com/ Software link : http://www.vxsearch.com/setups/vxsearchentsetupv10.2.14.exe Version :...
VX Search 10.2.14 - 'Proxy' Local Buffer Overflow (SEH)
#!/usr/bin/env python Exploit Title : VXSearch v10.2.14 Local SEH Overflow Date : 11/16/2017 Exploit Author : wetw0rk Vendor Homepage : http://www.flexense.com/ Software link : http://www.vxsearch.com/setups/vxsearchentsetupv10.2.14.exe Version : 10.2.14 Tested on : Windows 7 x86 Description : VX...
openSUSE Security Update : curl (openSUSE-2017-1200)
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2017-1000254: FTP PWD response parser out of bounds read bsc1061876
- CVE-2017-1000257: IMAP FETCH response out of bounds read bsc1063824
Bugs fixed:
- Fixed error 'error:1408F10B:SSL routines' when connecting to ftp...
SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2017:2831-1)
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2017-1000254: FTP PWD response parser out of bounds read bsc1061876
- CVE-2017-1000257: IMAP FETCH response out of bounds read bsc1063824
Bugs fixed:
- Fixed error 'error:1408F10B:SSL routines' when connecting to ftps...