CVE-2002-1484

DB4Web server vulnerability CVE-2002-1484: when configured to show verbose debug messages, the server can be abused as a proxy to initiate TCP connections to arbitrary hosts/ports, effectively enabling port-scanning-like behavior. The attack is triggered by requesting a URL that encodes the targe...

CVE-2001-0549

The CVE describes Symantec LiveUpdate 1.5 storing proxy passwords in cleartext in the registry (HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\LiveUpdate\Preferences\Proxy), allowing local users to read credentials. CERT/CC details confirm local read access to the registry key and recommend upgrading to Li...

CVE-2001-0034

KTH Kerberos IV is affected by a local privilege issue where the krb4_proxy variable can be used to specify an alternate proxy, enabling a user to generate false proxy responses and potentially gain privileges. The vulnerability is local in scope, with impact described as complete confidentiality...

Дырка в Proxy+

telnet - прокси позволяет сделать telnet на адрес 127.0.0.1, что позволяет подключиться к конфигурационному порту и изменить настройки сервера если используется только авторизация по IP-адресу...

CVE-1999-0910

CVE-1999-0910 affects Microsoft Site Server and Commercial Internet System (MCIS). The issue is that cookies are not given an expiration, allowing proxies to cache them and potentially be reused by a different user. This could lead to cross-user cookie exposure and session confusion. The availabl...

CVE-1999-0168

CVE-1999-0168 describes a vulnerability in the RPC portmapper where it may act as a proxy and redirect service requests, making them appear to originate from localhost. This can bypass authentication and allow NFS mounts through the portmapper despite export restrictions. Documented sources (Red ...