2155 matches found
RedHat Update for httpd RHSA-2011:1392-01
Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2011:1392-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
httpd: reverse web proxy vulnerability
The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...
httpd: reverse web proxy vulnerability
The modproxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to...
Moderate: Red Hat Security Advisory: httpd security and bug fix update
Updated httpd packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...
Apache Httpd < 2.2.22 : mod_proxy reverse proxy exposure
An additional exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution
Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...
Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
No description provided by source. !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get = "GET " + url + "@" +...
Apache mod_proxy - Reverse Proxy Exposure
!/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get = "GET " + url + "@" + internaltarget + ":" + internalport...
Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
Apache HTTP Server is prone to an information disclosure vulnerability. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
Apache HTTP Server is prone to an information disclosure vulnerability. An attacker can exploit this vulnerability to gain access to sensitive information. OpenVAS Vulnerability Test $Id: gbapache49957.nasl 5424 2017-02-25 16:52:36Z teissa $ Apache HTTP Server 'modproxy' Reverse Proxy Information...
Apache mod_proxy - Reverse Proxy Exposure
Apache modproxy - Reverse Proxy Exposure !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get = "GET " + url +...
Apache Reverse Proxy Bypass Vulnerability Scanner
Scan for poorly configured reverse proxy servers. By default, this module attempts to force the server to make a request with an invalid domain name. Then, if the bypass is successful, the server will look it up and of course fail, then responding with a status code 502. A baseline status code is...
Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC
Exploit for multiple platform in category remote exploits !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get ...
Mandriva Update for apache MDVSA-2011:144 (apache)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Apache Patch released for Reverse proxy Bypass Vulnerability
Apache Patch released forReverse proxy Bypass Vulnerability Security experts at Context have discovered a hole in the Apache web server that allows remote attackers to access internal servers. Security experts are warning firms running the Apache web server to keep up to date with the latest...
Apache Patch released for Reverse proxy Bypass Vulnerability
Apache Patch released for Reverse proxy Bypass Vulnerability Security experts at Context have discovered a hole in the Apache web server that allows remote attackers to access internal servers. Security experts are warning firms running the Apache web server to keep up to date with the latest...
Apache HTTP Server Reverse Proxy Bypass
The Apache Foundation has issued a Security Advisory to address a vulnerability in Apache HTTP Server's reverse proxy mode. Exploitation of this vulnerability may allow a remote attacker to gain access to internal systems. US-CERT encourages users and administrators to review the Apache HTTP Serv...
Apache Reverse Proxy Bypass
===============================ADVISORY============================== Systems Affected: Apache httpd Severity: High Category: Proxy Bypass Author: Context Information Security Ltd Reported to vendor: 16th November 2011 Advisory Issued: 5th October 2011 Reference: CVE-2011-3368...