Lucene search · 2155 matches found

NVD · added 2020/01/22 6:15 p.m. · 9 views

CVE-2011-3621

A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled...

CVSS 9.8 · AI score 9.5 · EPSS 0.00607 · Exploits 0 · References 2
Prion · added 2020/01/22 6:15 p.m. · 11 views

Authentication flaw

A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled...

CVSS 7.5 · AI score 7.1 · EPSS 0.00607 · Exploits 0 · References 2 · Affected Software 1
CVE · added 2020/01/22 5:44 p.m. · 48 views

CVE-2011-3621

The CVE-2011-3621 entry concerns a reverse proxy handling flaw in FluxBB prior to 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. The description is supported by the NVD entry, which lists a CVSS2 base score of 7.5 (HIGH) and a CVSS3.1 base score of 9.8 (CRITICAL), indicating a potentially seve...

CVSS 9.8 · AI score 9.3 · EPSS 0.00607 · Exploits 0 · References 2 · Affected Software 1
Cvelist · added 2020/01/22 5:44 p.m. · 15 views

CVE-2011-3621

A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled...

AI score 9.5 · EPSS 0.00607 · Exploits 0 · References 2
Hacker One · added 2020/01/20 9:46 p.m. · 40 views

Internet Bug Bounty: Squid as reverse proxy RCE and data leak

Summary: This was a very difficult experience as Squid maintainers took a long time to answer. I tried getting help from HackerOne support and Dropbox support, to no avail, and the Internet Bug Bounty never e-mailed me back. What could have taken a few days took months. The vulnerability concerns a...

AI score 7.6 · Exploits 0
CERT · added 2020/01/14 12:00 a.m. · 33 views

Content Delivery Networks handle HTTP headers in different and unexpected ways

Overview: A Content Delivery Network (CDN) is a distributed network of proxy servers that deliver web content collected from a back end web server using a temporary local storage called a cache. HTTP cache poisoning is a type of attack that allows a remote attacker to inject arbitrary content using...

AI score 6.6 · Exploits 0 · References 8
RedhatCVE · added 2019/12/28 10:04 a.m. · 24 views

CVE-2018-12122

It was found that the Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resources and possibly resulting in a denial of service. Mitigation: The use of a Load Balancer or a Reverse Prox...

CVSS 7.5 · AI score 2.7 · EPSS 0.02342 · Exploits 0 · References 2
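The mitigation the Red Hat entry points at (a load balancer or reverse proxy in front of the origin) works because the front end owns the client connection and can enforce a deadline for receiving the complete request head. The asyncio front end below is an added example and is neither Node.js nor Red Hat code; the 0.5 s timeout, the 8 KiB head cap and the two constructed clients (one that sends the head at once, one that drips a header every 0.3 s and never finishes) are assumptions made for the demonstration.

```python
"""Minimal reverse-proxy-style front end that drops Slowloris connections.
Added example: a deadline on the whole request head, not on the gap between
bytes, so trickling one header at a time cannot keep the connection alive."""
import asyncio

HEAD_TIMEOUT = 0.5   # seconds allowed to deliver the whole request head (assumed)
MAX_HEAD = 8192      # bytes; an oversized head is a second slow-drip vector (assumed)

STATS = {"served": 0, "timed_out": 0, "bad_head": 0}


async def handle(reader: asyncio.StreamReader, writer: asyncio.StreamWriter) -> None:
    try:
        # The deadline starts at accept and covers everything up to CRLF CRLF.
        await asyncio.wait_for(reader.readuntil(b"\r\n\r\n"), HEAD_TIMEOUT)
        STATS["served"] += 1
        response = b"HTTP/1.1 200 OK\r\nContent-Length: 3\r\nConnection: close\r\n\r\nok\n"
    except asyncio.TimeoutError:
        STATS["timed_out"] += 1
        response = b"HTTP/1.1 408 Request Timeout\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"
    except (asyncio.LimitOverrunError, asyncio.IncompleteReadError):
        STATS["bad_head"] += 1
        response = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"
    try:
        writer.write(response)
        await writer.drain()
    except OSError:
        pass            # client already gone
    finally:
        writer.close()


async def client(port: int, pieces: list, delay: float) -> bytes:
    """Send the request head in `pieces`, sleeping `delay` between them, and
    return the status line received (b"" if the server dropped the connection)."""
    reader, writer = await asyncio.open_connection("127.0.0.1", port)
    status = b""
    try:
        for piece in pieces:
            writer.write(piece)
            await writer.drain()
            await asyncio.sleep(delay)
        status = await reader.readline()
    except OSError:
        pass            # reset mid-drip: the deadline did its job
    finally:
        writer.close()
        try:
            await writer.wait_closed()
        except OSError:
            pass
    return status


async def run_demo() -> dict:
    for key in STATS:
        STATS[key] = 0
    server = await asyncio.start_server(handle, "127.0.0.1", 0, limit=MAX_HEAD)
    port = server.sockets[0].getsockname()[1]
    try:
        # Well-behaved client: the whole head in one write.
        fast = await client(port, [b"GET / HTTP/1.1\r\nHost: x\r\n\r\n"], delay=0)
        # Slowloris-style client: never sends the final CRLF; 4 x 0.3 s > HEAD_TIMEOUT.
        slow = await client(port, [b"GET / HTTP/1.1\r\n", b"Host: x\r\n",
                                   b"X-a: 1\r\n", b"X-b: 2\r\n"], delay=0.3)
    finally:
        server.close()
        await server.wait_closed()
    return {"fast": fast, "slow": slow, "stats": dict(STATS)}


def run_demo_sync() -> dict:
    return asyncio.run(run_demo())


if __name__ == "__main__":
    print(run_demo_sync())
```

Run it and the fast client gets a 200 while the dripping client is cut off with a 408 about half a second in; the origin behind such a front end never sees the half-finished request. Real proxies expose the same knob under names like nginx's client_header_timeout or HAProxy's timeout http-request.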
Github Security Blog · added 2019/12/26 4:34 p.m. · 67 views

HTTP Request Smuggling: Invalid whitespace characters in headers in Waitress

Impact: If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Content-Length: 10 Transfer-Encoding: \x0bchunked For clarity: 0x0b == vertical...

AI score 6.6 · Exploits 0 · References 3 · Affected Software 1
Github Security Blog · added 2019/12/20 11:04 p.m. · 127 views

HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Impact: Waitress would header fold a double Content-Length header and, due to being unable to cast the now comma separated value to an integer, would set the Content-Length to 0 internally. So a request with: Content-Length: 10 Content-Length: 10 would get transformed to: Content-Length: 10, 10 Whic...

CVSS 7.5 · AI score 6.8 · EPSS 0.00851 · Exploits 0 · References 8 · Affected Software 1
Github Security Blog · added 2019/12/20 11:03 p.m. · 181 views

HTTP Request Smuggling: LF vs CRLF handling in Waitress

Impact: Waitress implemented a "MAY" part of RFC 7230 (https://tools.ietf.org/html/rfc7230#section-3.5) which states: Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR...

CVSS 7.5 · AI score 0.1 · EPSS 0.00795 · Exploits 1 · References 11 · Affected Software 1
Positive Technologies · added 2019/12/19 12:00 a.m. · 6 views

PT-2019-6231 · Waitress +3

Name of the Vulnerable Software and Affected Versions: Waitress versions 1.3.1 and earlier. Description: The issue arises from Waitress implementing a "MAY" part of RFC 7230, which allows recognizing a single LF as a line terminator and ignoring any preceding CR. This can lead to a potential fo...

CVSS 9.8 · AI score 7.5 · EPSS 0.9295 · Exploits 28 · References 174
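The three Waitress advisories and the PT-2019-6231 entry above describe one failure mode from three angles: a front-end proxy and the back-end server read the same bytes as differently framed requests. The parser below is an added example, not Waitress code or the advisories' proof-of-concept; it shows the conservative reading a back end can take, refusing bare LF line endings, whitespace other than SP/HTAB inside a field value (the \x0b in "Transfer-Encoding: \x0bchunked"), a repeated Content-Length (which Waitress folded to "10, 10" and treated as 0), and a request carrying both Content-Length and Transfer-Encoding. The sample request heads are constructed for the demonstration.

```python
"""Strict HTTP/1.1 request-head parser (added example, not Waitress code).
Ambiguous framing is rejected rather than resolved, so a front end that
forwards the request cannot disagree with this parser about where the
request ends."""
from __future__ import annotations

import re

# RFC 7230 token characters: valid in field names and transfer-coding names.
_TOKEN = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
# Only SP and HTAB are optional whitespace around a field value.
_OWS = b" \t"
# Any other control byte inside a value (\x0b, \x0c, NUL, ...) is rejected.
_CTL = re.compile(rb"[\x00-\x08\x0a-\x1f\x7f]")


class SmugglingRisk(ValueError):
    """A request head that two parsers might frame differently."""


def split_lines(head: bytes) -> list[bytes]:
    """Split the head on CRLF only; a bare LF or stray CR is an error.
    RFC 7230 section 3.5 lets a recipient accept a bare LF (MAY); a back end
    that does so behind a CRLF-only front end sees header boundaries the
    front end never saw, so this parser does not take the option."""
    if not head.endswith(b"\r\n\r\n"):
        raise SmugglingRisk("request head must end with CRLF CRLF")
    lines = head[:-4].split(b"\r\n")
    for line in lines:
        if not line:
            raise SmugglingRisk("empty line before end of head")
        if b"\r" in line or b"\n" in line:
            raise SmugglingRisk(f"bare CR/LF inside line: {line!r}")
    return lines


def body_length(headers: dict[bytes, list[bytes]]) -> int | None:
    """Declared body length, None for chunked, or SmugglingRisk."""
    te = headers.get(b"transfer-encoding")
    cl = headers.get(b"content-length")
    if te and cl:
        # RFC 7230 6.3.3 says Transfer-Encoding wins, but a front end that
        # prefers Content-Length forwards a different body; refuse to choose.
        raise SmugglingRisk("both Transfer-Encoding and Content-Length present")
    if te:
        codings = [c.strip(_OWS) for v in te for c in v.split(b",")]
        if not all(_TOKEN.match(c) for c in codings):
            raise SmugglingRisk(f"invalid transfer-coding: {codings!r}")
        if codings[-1].lower() != b"chunked":
            raise SmugglingRisk("final transfer-coding must be chunked")
        return None
    if cl:
        # Exactly one field with exactly one decimal value; "10, 10" is not 0.
        if len(cl) != 1 or not re.fullmatch(rb"[0-9]+", cl[0]):
            raise SmugglingRisk(f"ambiguous Content-Length: {cl!r}")
        return int(cl[0])
    return 0


def parse_head(head: bytes) -> dict:
    lines = split_lines(head)
    parts = lines[0].split(b" ")
    if len(parts) != 3:
        raise SmugglingRisk(f"malformed request line: {lines[0]!r}")
    headers: dict[bytes, list[bytes]] = {}
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            raise SmugglingRisk("obs-fold (line starting with whitespace) not accepted")
        name, sep, value = line.partition(b":")
        if not sep or not _TOKEN.match(name):
            raise SmugglingRisk(f"bad header field: {line!r}")
        value = value.strip(_OWS)        # strips SP/HTAB only, never \x0b
        if _CTL.search(value):
            raise SmugglingRisk(f"control byte in value of {name!r}")
        headers.setdefault(name.lower(), []).append(value)
    return {"method": parts[0], "target": parts[1], "version": parts[2],
            "headers": headers, "body_length": body_length(headers)}


def classify(head: bytes) -> str:
    """'ok:<length>' for an unambiguous head, 'rejected:<reason>' otherwise."""
    try:
        return f"ok:{parse_head(head)['body_length']}"
    except SmugglingRisk as exc:
        return f"rejected:{exc}"


# Constructed sample heads: one clean request and the three advisory shapes.
SAMPLES = {
    "clean": b"POST / HTTP/1.1\r\nHost: x\r\nContent-Length: 5\r\n\r\n",
    "vtab_te": b"POST / HTTP/1.1\r\nHost: x\r\nContent-Length: 10\r\n"
               b"Transfer-Encoding: \x0bchunked\r\n\r\n",
    "double_cl": b"POST / HTTP/1.1\r\nHost: x\r\nContent-Length: 10\r\n"
                 b"Content-Length: 10\r\n\r\n",
    "bare_lf": b"POST / HTTP/1.1\nHost: x\r\nContent-Length: 10\r\n\r\n",
}

if __name__ == "__main__":
    for label, head in SAMPLES.items():
        print(f"{label:10s} {classify(head)}")
```

The point of the design is that every rejection is a case where a lenient parser would have produced some answer; the smuggling advisories are precisely the situations where that answer differed from the front end's. Rejecting with a 400 costs nothing for legitimate clients, which send none of these shapes.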
Fedora · added 2019/12/05 1:42 a.m. · 13 views

[SECURITY] Fedora 31 Update: haproxy-2.0.10-1.fc31

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

AI score 0.8 · Exploits 0
Fedora · added 2019/12/05 1:12 a.m. · 7 views

[SECURITY] Fedora 30 Update: haproxy-1.8.23-1.fc30

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

AI score 0.8 · Exploits 0
Positive Technologies · added 2019/12/05 12:00 a.m. · 12 views

PT-2019-14826

Name of the Vulnerable Software and Affected Versions: Puma versions prior to 3.12.2; Puma versions prior to 4.3.1. Description: A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened th...

CVSS 9.8 · AI score 7 · EPSS 0.94318 · Exploits 41 · References 100
Tenable Nessus · added 2019/12/03 12:00 a.m. · 27 views

Debian DSA-4577-1 : haproxy - security update

Tim Dusterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. © Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

CVSS 9.8 · AI score 7.4 · EPSS 0.01056 · Exploits 0 · References 4
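The HTTP/2-to-HTTP/1 conversion in the DSA-4577-1 entry is worth seeing in code, because the bug class is structural: HTTP/2 carries each header as a length-prefixed (name, value) pair, so a CR or LF inside a value is just another byte there, but once the front end re-serialises the request as HTTP/1.1 text that byte pair becomes a line break and the origin parses a header (or, with CRLF CRLF, a second request) the client never sent. The code below is an added example and not HAProxy's; the header lists are constructed, and the validation follows the field-value rules of RFC 7540 section 8.1.2.6 and the token rule of RFC 7230 section 3.2.

```python
"""HTTP/2 header list to HTTP/1.1 head, naive and validated (added example)."""
import re

CRLF = b"\r\n"
# RFC 7230 token characters; HTTP/2 additionally requires lowercase names.
_TOKEN = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9a-z]+$")


class HeaderInjection(ValueError):
    """An HTTP/2 field that cannot be written safely as HTTP/1.1 text."""


def serialize_h1_naive(method: bytes, path: bytes, headers) -> bytes:
    """The unsafe conversion: every value is copied byte for byte."""
    out = b"%s %s HTTP/1.1\r\n" % (method, path)
    for name, value in headers:
        out += name + b": " + value + CRLF
    return out + CRLF


def validate_h2_field(name: bytes, value: bytes) -> None:
    """Pseudo-headers (:method, :path, ...) become the request line and must
    not be in the list; every other field must survive HTTP/1.1 framing."""
    if not _TOKEN.match(name):
        raise HeaderInjection(f"bad field name {name!r}")
    if b"\r" in value or b"\n" in value or b"\x00" in value:
        raise HeaderInjection(f"CR, LF or NUL in value of {name!r}")
    if value[:1] in (b" ", b"\t") or value[-1:] in (b" ", b"\t"):
        raise HeaderInjection(f"leading/trailing whitespace in value of {name!r}")


def serialize_h1_safe(method: bytes, path: bytes, headers) -> bytes:
    """Validate every field before a single byte is written."""
    for name, value in headers:
        validate_h2_field(name, value)
    return serialize_h1_naive(method, path, headers)


def is_rejected(headers) -> bool:
    try:
        serialize_h1_safe(b"GET", b"/", headers)
    except HeaderInjection:
        return True
    return False


def count_h1_headers(raw: bytes) -> int:
    """Number of header lines an HTTP/1.1 parser would see in the head."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    return len(head.split(CRLF)) - 1      # minus the request line


# Constructed inputs: a clean header list and one carrying an injected CRLF.
CLEAN = [(b"host", b"example.com"), (b"x-forwarded-for", b"1.2.3.4")]
INJECTED = [(b"host", b"example.com"),
            (b"x-forwarded-for", b"1.2.3.4\r\nx-injected: yes")]

if __name__ == "__main__":
    naive = serialize_h1_naive(b"GET", b"/", INJECTED)
    print(naive.decode())
    print("naive header count:", count_h1_headers(naive))   # 3, not 2
    print("safe rejects injected:", is_rejected(INJECTED))
```

The naive path turns two client headers into three on the wire; the validated path refuses the request before serialisation. The same check belongs on the response side when origin HTTP/1.1 headers are re-encoded, since a CR or LF is equally meaningless in an HTTP/2 field there.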
NVD · added 2019/10/25 5:15 p.m. · 20 views

CVE-2019-4036

IBM Security Access Manager Appliance could allow an unauthenticated attacker to cause a denial of service in the reverse proxy component. IBM X-Force ID: 156159...

CVSS 7.5 · AI score 7.2 · EPSS 0.00447 · Exploits 0 · References 2
CVE · added 2019/10/25 4:30 p.m. · 110 views

CVE-2019-4036

CVE-2019-4036 affects IBM Security Access Manager Appliance. The available documents show unauthenticated remote denial-of-service against the reverse proxy, commonly associated with Slow HTTP/Slowloris abuse. Affected product: IBM Security Access Manager Appliance (ISAM Appliance); impact: denia...

CVSS 7.5 · AI score 7.2 · EPSS 0.00447 · Exploits 0 · References 2 · Affected Software 1
The Hacker News · added 2019/10/23 8:22 a.m. · 0 views

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue could affect...

CVSS 7.5 · AI score 7.5 · EPSS 0.02839 · Exploits 0
Akamai Blog · added 2019/10/14 4:00 p.m. · 109 views

Phishing Tool Analysis: Modlishka

Additional research and support provided by Danny Wasserman. Overview: One of the goals of phishing sites is to lure individuals into providing sensitive data, such as personally identifiable information, banking and credit card details, and passwords, through the use of email, SMS, social media,...

Exploits 0