EUVD-2015-7194

Malware in sbrugna...

CVE-2015-7264

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks...

Design/Logic Flaw

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks...

Design/Logic Flaw

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value...

CVE-2015-7264

Facebook Proxygen’s SPDY/2 codec contains a vulnerability (CVE-2015-7264) in versions prior to 2015-11-09 where a field is truncated to two bytes, enabling hijacking and injection attacks over the network. The issue affects the SPDY/2 handling within Proxygen; exploitation is described as enablin...

CVE-2015-7263

Facebook Proxygen’s SPDY/2 codec (pre-2015-11-09) is vended with a vulnerability that allows remote attackers to hijack sessions and bypass ACL checks by sending a crafted host value. Affected component: SPDY/2 codec in Proxygen. Underlying impact described in sources as partial integrity impact ...

CVE-2015-7264

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks...

CVE-2015-7263

The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value...

tls-nextprotoneg NSE Script

Enumerates a TLS server's supported protocols by using the next protocol negotiation extension. This works by adding the next protocol negotiation extension in the client hello packet and parsing the returned server hello's NPN extension data. For more information, see: Script Arguments...