New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue could affect...

Phishing Tool Analysis: Modlishka

Additional research and support provided by Danny Wasserman. Overview One of the goals of phishing sites is to lure individuals into providing sensitive data, such as personally identifiable information, banking and credit card details, and passwords, through the use of email, SMS, social media,...

Razer: Request Smuggling vulnerability due a vulnerable skipper reverse proxy running in the environment.

The tester discovered that a server was using Skipper as a reverse proxy that was not fully patched, allowing a request smuggling vulnerability. We thank the tester for his report and excellent PoC and his patience with the slow response of the engineering team...

CVE-2019-3878

A vulnerability was found in modauthmellon. If Apache is configured as a reverse proxy and modauthmellon is configured to only let through authenticated users with the require valid-user directive, adding special HTTP headers that are normally used to start the special SAML ECP non-browser based...

HTTP Request Smuggling

github.com/golang/go is vulnerable to HTTP request smuggling. The vulnerability exists as invalid HTTP/1.1 headers were accepted and normalized with a space before the colon, allowing a reverse proxy to interpret the headers differently...

go -- invalid headers are normalized, allowing request smuggling

The Go project reports: net/http through net/textproto used to accept and normalize invalid HTTP/1.1 headers with a space before the colon, in violation of RFC 7230. If a Go server is used behind a reverse proxy that accepts and forwards but doesn't normalize such invalid headers, the reverse pro...

Important: nginx:1.14 security update

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 Post Office Protocol 3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Security Fixes: HTTP/2: large amount of data request leads to denial of service CVE-2019-9511 HTTP/2: flood using...

ALSA-2019:2799 Important: nginx:1.14 security update

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 Post Office Protocol 3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Security Fixes: HTTP/2: large amount of data request leads to denial of service CVE-2019-9511 HTTP/2: flood using...

CVE-2019-14997

The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN...

Authentication flaw

The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnerability when Jira is configured with a reverse Proxy and or a load balancer with caching or a CDN...

CVE-2019-14997

CVE-2019-14997 affects Jira AccessLogFilter, enabling remote anonymous attackers to learn details about other users (including usernames) via an information disclosure through caching when Jira is behind a reverse proxy/load balancer with caching or a CDN. Affected software is Jira before version...

Fedora Update for nginx FEDORA-2019-7a0b45fdc4

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: nginx-1.16.1-1.fc30

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

URL Path Traversal in Jira Service Desk Server and Jira Service Desk Data Center Allows Information Disclosure - CVE-2019-14994

A URL path traversal vulnerability in Jira Service Desk Server and Jira Service Desk Data Center allows a remote attacker with portal access to view all issues from all projects in the affected instance. This could include Jira Service Desk projects, Jira Core projects, and Jira Software projects...

NewStart CGSL CORE 5.04 / MAIN 5.04 : mod_auth_mellon Multiple Vulnerabilities (NS-SA-2019-0077)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has modauthmellon packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in modauthmellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass throug...

Linking image renders image as HTTP instead of HTTPS

h3. Issue Summary Linking existing image on Confluence page will appear as broken image due to mix content. The request url is rendered with HTTP instead of HTTPS. h3. Steps to Reproduce Create/edit a page. Click + and select Files and images. Attach an image to the page. Click on image and then...

Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECUREPROXYSSLHEADER and SECURESSLREDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words,...

GHSA-6C7V-2F49-8H26 Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECUREPROXYSSLHEADER and SECURESSLREDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words,...

Man-in-the-Middle (MitM)

django is vulnerable to man-in-the-middle attacks. HTTP requests are not redirected to HTTPS in accordance with SECURESSLREDIRECT when deployed behind a reverse-proxy due to incorrect results for issecure and buildabsoluteuri...

Debian: Security Advisory (DLA-1842-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...