[Full-Disclosure] iDEFENSE Security Advisory 06.08.04: Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability

Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability iDEFENSE Security Advisory 06.08.04 www.idefense.com/application/poi/display?id=107&type=vulnerabilities June 8, 2004 I. BACKGROUND Squid is a fully-featured Web Proxy Cache designed to run on Unix systems and supports...

[Full-Disclosure] MondoSoft - Proxy through MsmHigh.exe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - Proxy through MsmHigh.exe Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200401.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...

trendmicro.txt

TrendMicro Interscan Viruswall Directory Traversal ================================================= PROGRAM: TrendMicro Interscan Viruswall HOMEPAGE: http://www.trendmicro.com VULNERABLE VERSIONS: - 3.5x Windows - Unix/Solaris version is not tested but possibly vulnerable DESCRIPTION...

TrendMacro Interscan Viruswall Directory Traversal

TrendMacro Interscan Viruswall Directory Traversal ================================================= PROGRAM: TrendMacro Interscan Viruswall HOMEPAGE: http://www.trendmicro.com VULNERABLE VERSIONS: - 3.5x Windows - Unix/Solaris version is not tested but possibly vulnerable DESCRIPTION...

CVE-2004-0326

Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request...

CVE-2004-0326

The CVE-2004-0326 entry maps to a stack/buffer overflow in the web proxy of GateKeeper Pro 4.7 triggered by a long HTTP GET request to the proxy’s default port 3128, enabling remote code execution as described in multiple sources. Connected docs include exploit-related references (Metasploit modu...

GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits =========================================================== GateKeeper Pro 4.7 web proxy Remote Buffer Overflow Exploit =========================================================== /================CRPT - FrenchTeam =================...

Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow

Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow /================CRPT - FrenchTeam ================= Coromputer Security Advisory - CRPTSA-01 =================== Summary ===================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer...

Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow

/================CRPT - FrenchTeam ================= Coromputer Security Advisory - CRPTSA-01 =================== Summary ===================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer overflow Release Date : 2004-02-23 =================== Description...

[Full-Disclosure] GateKeeper Pro 4.7 buffer overflow

/==============================CRPT - French Team============================= Coromputer Security Advisory - CRPTSA-01 ================================== Summary ================================== Software : GateKeeper Pro 4.7 Platforms : win32 Risk : High Impact : Buffer overflow Release Date :...

Inktomi Traffic-Server XSS: man-in-the-middle XSS !

Please we would like that credits of this vulnerability go to INFOHACKING Hugo Vбzquez Caramйs and Toni Cortйs Martinez. Actually we work at "Secdor R&D". The vulnerabily was found, once again, during a pen-test. INKTOMI Traffic-Server XSS We have just discovered a bug in a software called "Inkto...

CVE-2002-0990

The web proxy component in Symantec Enterprise Firewall SEF 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service connection resource exhaustion via multiple connection requests to domains whose DNS server...

Hosting Controller Vulnerability

In Hosting Controller 2002, it is possible to change the password of any user, Administrator. To exploit this, one would have to: Add a user /accounts/getuserdesc.asp Edit the user, changing the password /accounts/updateuserdesc.asp Then using something like the @stake web proxy, change the hidde...

Proxomitron Naoko-4 - Cross-Site Scripting

Proxomitron Naoko-4 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3087/info Proxomitron is a free web proxy server. Proxomitron is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is possible for...

Proxomitron Naoko-4 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/3087/info Proxomitron is a free web proxy server. Proxomitron is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is possible for script code to be embedded in the error page...

Squid Web Proxy 2.3 - Reverse Proxy

Squid Web Proxy 2.3 - Reverse Proxy source: https://www.securityfocus.com/bid/3062/info Squid is a free client-side web proxy that retrieves cached web pages for quick browsers and a reduction in bandwidth consumption. Squid servers, when configured as an "HTTP accelerator only", may allow remote...

Squid Web Proxy 2.3 - Reverse Proxy

source: https://www.securityfocus.com/bid/3062/info Squid is a free client-side web proxy that retrieves cached web pages for quick browsers and a reduction in bandwidth consumption. Squid servers, when configured as an "HTTP accelerator only", may allow remote attackers to use them as port...

[SX-20010320-2] - Microsoft ISA Server Denial of Service

FSC Internet Corp. / SecureXpert Labs Advisory SX-20010320-2 Denial of Service in Microsoft ISA server v1.0 Summary Microsoft ISA Server 1.0 on Windows 2000 Server SP1 is vulnerable to a simple network-based attack which stops all incoming and outgoing web traffic from passing through the firewal...

ISA.dos.txt

FSC Internet Corp. / SecureXpert Labs Advisory SX-20010320-2 Denial of Service in Microsoft ISA server v1.0 Summary Microsoft ISA Server 1.0 on Windows 2000 Server SP1 is vulnerable to a simple network-based attack which stops all incoming and outgoing web traffic from passing through the firewal...

Microsoft ISA Server 2000 Web Proxy - Denial of Service

Microsoft ISA Server 2000 Web Proxy - Denial of Service // source: https://www.securityfocus.com/bid/2600/info It is possible for a user to cause the Web Proxy service on a host running MS ISA Server to stop responding. If a HTTP request with an unusually long path is submitted, the Web Proxy...