Moderate: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
squid: multiple issues in ESI processing
Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack...
Moderate: Red Hat Security Advisory: squid34 security update
An update for squid34 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
squid: Header Smuggling issue in HTTP Request processing
An input validation flaw was found in Squid's mime_get_header_field() function, which is used to search for headers within HTTP requests. An attacker could send an HTTP request from the client side with a specially crafted Host header that bypasses same-origin security protections, causing Squid...
squid: SegFault from ESIInclude::Start
A NULL pointer dereference flaw was found in the way Squid processes ESI responses. If Squid was used as a reverse proxy or for TLS/HTTPS interception, a malicious server could use this flaw to crash the Squid worker process...
squid: SIGSEGV in ESIContext response handling
An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as a reverse proxy or for TLS/HTTPS interception, an attacker controlling a server accessed by Squid could crash the Squid worker, causing a Denial of Service attack...
Moderate: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 7 : squid (RHSA-2016:1139)
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Konica Minolta FTP Utility 1.0 SEH Buffer Overflow
Exploit Title: Konica Minolta FTP Utility - CWD Command SEH Based Buffer Overflow Vulnerability; Date: 24/5/2016; Exploit Author: Mandar; Vendor Homepage: http://www.konicaminolta.hk/hk/en-us/download-driver-dl-utilities.php; Software Link:...
RHEL 6 : squid34 (RHSA-2016:1140)
The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2016:1140 advisory. The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP...
Linux/x86-64 - XOR Encode execve Shellcode
/ Title : Linux x86_64 XOR encode execve"/bin//sh","//bin/sh","-i",NULL,NULL shellcode Date : 31-05-2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x86_64 / / main code ------------------------ section .text global _start _start: xor rax,rax xor rdx,rdx push rax push rax mov...
Modern Reverse Proxy: Traefik
Træfɪk is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports several backends (Docker, Swarm, Mesos/Marathon, Kubernetes, Consul, Etcd, Zookeeper, BoltDB, Rest API, file…) to manage its configuration automatically and...