1826 matches found
Google Chrome Multiple Vulnerabilities - (Windows)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwin02.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Vulnerabilities - Windows Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...
Squid Authentication Headers Handling Denial of Service (CVE-2005-2917)
The Squid proxy server is an open source, Internet proxy and caching application. It supports the proxying of FTP, HTTP, SSL, and DNS services. The default proxy service port is 3128/TCP. A vulnerability exists in the Squid proxy server in the processing of authentication requests. The flaw is...
CentOS 4 : firefox (CESA-2009:1530)
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime...
FreeBSD : mozilla -- multiple vulnerabilities (c87aa2d2-c3c4-11de-ab08-000f20797ede)
Mozilla Foundation reports : MFSA 2009-64 Crashes with evidence of memory corruption rv:1.9.1.4/ 1.9.0.15 MFSA 2009-63 Upgrade media libraries to fix memory safety bugs MFSA 2009-62 Download filename spoofing with RTL override MFSA 2009-61 Cross-origin data theft through document.getSelection MFS...
nginx Proxy DNS Cache Domain Spoofing Vulnerability
The 'nginx' program is prone to a vulnerability that may allow attackers to spoof domains because the software fails to properly compare domains when referencing an internal DNS cache. This issue can be exploited when nginx is configured to act as a forward proxy, but this is a nonstandard and...
nginx Proxy DNS Cache Domain Spoofing Vulnerability
nginx is prone to a vulnerability that may allow attackers to spoof domains because the software fails to properly compare domains when referencing an internal DNS cache. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrig...
CVE-2009-2863
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227...
Race condition
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227...
CVE-2009-2863
CVE-2009-2863 describes a race condition in the Cisco IOS Firewall/Authentication Proxy feature (IOS 12.0–12.4) that can allow unauthenticated remote access by bypassing authentication or the consent web page when a crafted request is sent. The root cause is within the Firewall Authentication Pro...
Mandrake Security Advisory MDVSA-2009:240 (apache)
The remote host is missing an update to apache announced via advisory MDVSA-2009:240. OpenVAS Vulnerability Test $Id: mdksa2009240.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:240 apache Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...
Cisco IOS Software Authentication Proxy Vulnerability
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
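Squid External Authentication Header Parser Denial of Service Vulnerability
CVECAN ID: CVE-2009-2855 Squid is an efficient web caching and proxy program. It was originally developed for Unix platforms and has since been ported to Linux and most Unix-like systems; the latest Squid can also run on Windows. A denial-of-service vulnerability exists in the strListGetItem function in Squid's src/HttpHeaderTools.c file. If a remote attacker sends the server a specially crafted authentication header containing certain comma delimiters, an infinite loop can be triggered in the strcspn function, causing the service to crash. Squid Web Proxy Cache 2.7 Vendor patch: Squid -----...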
Protected Web Page Detection
The remote web server requires HTTP authentication for the following pages. Several authentication schemes are available : - Basic is the simplest, but the credentials are sent in cleartext. - NTLM provides an SSO in a Microsoft environment, but it cannot be used on both the proxy and the web...
[SECURITY] Fedora 11 Update: squid-3.0.STABLE18-1.fc11
Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...
Ubuntu: Security Advisory (USN-814-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
JBLOG 1.5.1 SQL Table Backup
!/usr/bin/perl =about VENDOR JBLOG 1.5.1 maybe earlier versions vulnerable too http://www.lisijie.org AUTHOR discovered & written by Ams ax330d doggy gmail dot com http://www.0x416d73.name/ VULNERABILITY DESCRIPTION Both 'index.php' and 'admin.php' includes file 'common.php' which checks for user...
JBLOG 1.5.1 - SQL Table Backup
JBLOG 1.5.1 - SQL Table Backup !/usr/bin/perl =about VENDOR JBLOG 1.5.1 maybe earlier versions vulnerable too http://www.lisijie.org AUTHOR discovered & written by Ams ax330d doggy gmail dot com http://www.0x416d73.name/ VULNERABILITY DESCRIPTION Both 'index.php' and 'admin.php' includes file...
[SECURITY] [DSA 1843-2] New squid3 packages fix regression
Debian Security Advisory DSA-1843-2 [email protected] http://www.debian.org/security/ Nico Golde August 9th, 2009 http://www.debian.org/security/faq -...
Arab Portal 2.x SQL Injection
getqc &&!isset$apt-getqp $qc = $apt-getqc; $result = $apt-query"select name,comment from rafiacomment where id='$qc'"; $row = $apt-dbarray$result; $apt-row'quote' = "\n\n\nQUOTE..... :".$row'name'."\n".$row'comment'."/QUOTE"; /code - Debug : code $qc = intval$apt-getqc; /code - Note : Path to...
CVE-2009-2470
CVE-2009-2470 is a Firefox/Thunderbird issue where remote SOCKS5 proxy replies with a long domain name can cause data stream corruption and a denial of service. Public details in connected documents reference Firefox versions affected (pre-3.0.12 and 3.5.x before 3.5.2) and note a related Thunder...