44 matches found
EUVD-2007-4318
Malware in sbrugna...
EUVD-2009-0800
Malware in sbrugna...
EUVD-2006-4506
Malware in sbrugna...
CVE-2009-0802
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...
Qbik WinGate Installed (Windows)
Binary data qbikwingatewininstalled.nbin...
Qbik IP Management WinGate Elevation of Privilege Vulnerability
Qbik IP Management WinGate is an integrated multi-protocol proxy server from Qbik IP Management in New Zealand. The product also supports features such as email servers and Internet gateways. A security vulnerability exists in Qbik IP Management WinGate version 9.4.1.5998, which stems from the...
Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/509/info WinGate's Winsock redirector service is susceptible to a buffer overflow vilnerability that will crash all WinGate services. !/usr/bin/python Qbik Wingate 3.0 DoS Proof of Concept Code. Vulnerability Discovered b...
Qbik WinGate WWW Proxy Server URL Processing Overflow
No description provided by source. $Id: qbikwingatewwwproxy.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
Qbik WinGate 6.2.2 LIST Command Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30606/info WinGate is prone to a remote denial-of-service vulnerability affecting the application's IMAP email server. Exploiting this issue will consume computer resources and deny access to legitimate users. WinGate 6.2...
Qbik WinGate WWW Proxy Server URL Processing Overflow
$Id: qbikwingatewwwproxy.rb 8547 2010-02-18 15:58:26Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Qbik WinGate WWW Proxy Server URL Processing Overflow
This module exploits a stack buffer overflow in Qbik WinGate version 6.1.1.1077 and earlier. By sending malformed HTTP POST URL to the HTTP proxy service on port 80, a remote attacker could overflow a buffer and execute arbitrary code. This module requires Metasploit:...
Qbik WinGate Version Detection
Detects the installed version of Qbik WinGate. The script logs in via smb, searches for Qbik WinGate in the registry and gets the version from registry. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Design/Logic Flaw
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...
CVE-2009-0802
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...
CVE-2009-0802
CVE-2009-0802 affects Qbik WinGate HTTP Proxy Server. In transparent interception mode, the proxy uses the HTTP Host header to determine the remote endpoint, enabling a crafted page to force a client to send requests with a modified Host header. This can allow remote attackers to bypass access co...
CVE-2009-0802
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites,...
多个HTTP代理HTTP Host头错误中继行为漏洞
BUGTRAQ ID: 33858 RFC 2616中所定义的HTTP Host头规范允许多个站点共享单个IP地址。 透明代理服务器无需用户交互或浏览器配置便拦截并重新定向网络连接,而很多以透明模式运行的代理服务器基于HTTP host-header值判断连接。Flash、Java等浏览器插件可能通过限制与内容所来源的站点或域的通讯对活动内容强制访问控制。攻击者可以通过活动内容来伪造主机头的值,这样以透明模式运行的代理服务器就会基于这个伪造的值来确定连接,因此攻击者可以连接到代理可连接到的任何网站或资源,包括通常不会暴露给Internet的内网资源。 Qbik WinGate 6.x...
WinGate IMAP Server Buffer Overflow Vulnerability
This host is running Qbik WinGate, which is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: secpodwingateimapdosvuln900201.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: WinGate IMAP Server Buffer Overflow Vulnerability Authors: Veerendra GG Copyright: Copyright C 200...
Heap overflow
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service resource exhaustion or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third...
CVE-2008-3606
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service resource exhaustion or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third...