671 matches found
CVE-2007-6571
CVE-2007-6571 describes a cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected product/version: Sun Java System Web Proxy Server 3.6 prior to SP11...
CVE-2007-6569
Sun Java System Web Proxy Server 4.x (and Web Server) are vulnerable to cross-site scripting in the View Error Log/related log-viewing function (BugID 6566246). The JVN entry confirms the issue is a client-side script injection via unspecified vectors, affecting the Web Server and Web Proxy Serve...
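Sun Java Web Proxy Server and Sun Java Web Server Cross-Site Scripting Vulnerability
BUGTRAQ ID: 26978 CNCAN ID:CNCAN-2007122401 Sun Java Web Proxy Server and Sun Java Web Server are two Java-based application server programs. Sun Java Web Proxy Server and Sun Java Web Server have an input validation issue; remote attackers can exploit the vulnerability to conduct cross-site scripting attacks, which can yield sensitive information or arbitrary script code execution. No detailed vulnerability information is currently available. Sun Java Web Proxy Server 4.0.5 Sun Java Web Proxy Server 4.0.4 Sun Java Web Proxy...
Microsoft Web Proxy Auto-Discovery Proxy Spoofing Vulnerability
BUGTRAQ ID: 26686 CVE ID:CVE-2007-5355 CNCVE ID:CNCVE-20075355 Microsoft Web Proxy is a program that supports web proxy services. Microsoft Web Proxy Auto-Discovery has a design issue; remote attackers can exploit the vulnerability to obtain sensitive information for further attacks on the system. This vulnerability affects Web Proxy Auto-Discovery (WPAD). Microsoft has so far not received any information that this vulnerability has been used publicly to attack customers. According to the investigation, customers with third-level or deeper domain names such as "contoso.co.us" are affected by this vulnerability. No detailed vulnerability information is currently available....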
CVE-2007-5355
The CVE describes a design/logic issue in Microsoft WPAD for Internet Explorer 6/7 where, if a primary DNS suffix has three or more components, unqualified wpad queries can resolve to a host in a deeper second-level domain outside the configured DNS zone, enabling potential MITM by remote WPAD se...
Anti-DNS Pinning and Java Applets with HTTP proxy
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...
phpmyadmin -- cross-site scripting vulnerability
The DigiTrust Group reports: When creating a new database, a malicious user can use a client-side Web proxy to place malicious code in the db parameter of the POST request. Since dbcreate.php does not properly sanitize user-supplied input, an administrator could face a persistent XSS attack when...
DirectAdmin <= v1.30.2 XSS vuln.
DirectAdmin <= v1.30.2 XSS vuln. Vuln. discovered by : r0t Date: 10 September 2007 vendor:http://www.directadmin.com/ original advisory: http://pridels-team.blogspot.com/2007/09/directadmin-v1302-xss-vuln.html affected versions:v1.30.2 and previous DirectAdmin contains a flaw that allows a remote...
Update Protection against Sun Microsystems Java System Web Proxy sockd Daemon Buffer Overflow Vulnerability
A buffer overflow vulnerability has been reported in the Java System Web Proxy sockd daemon. Java System Web Proxy Server collects and distributes data from the network. It provides protocol support for SOCKS - an Internet protocol that allows client-server applications to transparently use the...
[scip_Advisory 3159] SiteScape forum prior 7.3 Cross Site Scripting
SiteScape forum prior 7.3 Cross Site Scripting scip AG Vulnerability ID 3159 07/13/2007 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3159 I. INTRODUCTION SiteScape forum is a commercial web forum. It uses presence to connect teams through phone, IM, chat, SMS and email, as well as voice- and...
Solaris 5.8 (x86) : 120982-18
Sun Java System Web Proxy Server 4.0.11, x86 SVR4 patch: Mainte. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...
Solaris 5.9 (sparc) : 120981-18
Sun Java System Web Proxy Server 4.0.11, Solaris SVR4 patch: Mai. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...
Solaris 5.8 (sparc) : 120981-18
Sun Java System Web Proxy Server 4.0.11, Solaris SVR4 patch: Mai. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...
Solaris 5.10 (x86) : 120982-18
Sun Java System Web Proxy Server 4.0.11, x86 SVR4 patch: Mainte. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...
Sun Java System Web Proxy sockd buffer overflow
Added: 05/30/2007 CVE: CVE-2007-2881 BID: 24165 OSVDB: 35841 Background The Sun Java System Web Proxy Server (formerly Sun ONE Web Proxy Server) provides content filtering and caching capabilities. It is a companion product to the Sun Java System Web Server. Problem A buffer overflow vulnerability ...
Sun Java System Web Proxy Server fails to properly process malformed packets
Overview A vulnerability in the way Sun Java System Web Proxy Server processes malformed packets may allow execution of arbitrary code. Description SOCKS is a network protocol that provides a framework that allows client-server applications to securely use network firewall services. A vulnerabili...
Stack overflow
Multiple stack-based buffer overflows in the SOCKS proxy support sockd in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation...
CVE-2007-2881
Sun Java System Web Proxy Server (sockd) is affected by a buffer overflow in the SOCKS proxy support during protocol negotiation. The issue resides in the sockd daemon and can allow a remote attacker to execute arbitrary code with the privileges of the SOCKS server; impact is described as remote ...