37 matches found
CVE-2008-7249
Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...
CVE-2008-7250
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...
CVE-2008-7249
CVE-2008-7249 : A buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1 (and likely later) allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file. This is a standalone vulnerability distinct from CVE-2008-1167. Affec...
CVE-2008-7249
Buffer overflow in Squid Analysis Report Generator Sarg 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167...
CVE-2008-7250
The CVE-2008-7250 entry describes a Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.4. An attacker could inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is mishandled when displaying the Squid proxy log. The ...
Stack overflow
Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...
CVE-2008-1167
Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...
DEBIAN-CVE-2008-1168
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...
CVE-2008-1167
Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...
CVE-2008-1168
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...
CVE-2008-1168
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...
CVE-2008-1167
Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information...
CVE-2008-1168
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...
CVE-2008-1168
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: the provenance of this information is unknown;...
CVE-2008-1168
Cross-site scripting (XSS) in Squid Analysis Report Generator (Sarg) affects multiple 2.2.x releases (notably 2.2.4; earlier 2.2.3.1) via the User-Agent header when rendering the Squid proxy log. Root cause: an improper handling of User-Agent data leads to script/HTML injection. Impact: remote at...
Squid Analysis Report Generator <= 2.2.3.1 buffer overflow
====================================================================== Squid Analysis Report Generator = 2.2.3.1 buffer overflow ====================================================================== Author: L4teral l4teral 4t gmail com Impact: buffer overflow Status: fixed version available...