675 matches found
CVE-2010-2385
CVE-2010-2385 affects Sun Java System Web Proxy Server 4.0.13. The vulnerability is described as unspecified and exploitable remotely via the Administration Server (HTTP). The CVE is listed with a base score of 5.8 (Medium) and is included in the Oracle July 2010 Critical Patch Update advisory, w...
DirectAdmin <= v1.35.1 XSS vuln.
DirectAdmin = v1.35.1 XSS vuln. Vuln. discovered by : r0t Date: 15 March 2010 vendor:http://www.directadmin.com/ affected versions:v1.35.1 and other versions also can be affected. orginal advisory:http://pridels-team.blogspot.com/2010/03/directadmin-v1351-xss-vuln.html DirectAdmin contains a flaw...
Squid Web代理缓存HTCP请求远程拒绝服务漏洞
BUGTRAQ ID: 38212 CVE ID: CVE-2010-0639 Squid是一个高效的Web缓存及代理程序,最初是为Unix平台开发的,现在也被移植到Linux和大多数的Unix类系统中,最新的Squid可以运行在Windows平台下。 远程攻击者可以通过向Squid的HTCP端口发送畸形报文触发空指针引用,导致Squid崩溃。 Squid Web Proxy Cache 3.0 Squid Web Proxy Cache 2.x 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 对于Squid-2.x 明确配置htcpport...
Debian DSA-1991-1 : squid/squid3 - denial of service
Two denial of service vulnerabilities have been discovered in squid and squid3, a web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2855 Bastian Blank discovered that it is possible to cause a denial of service via a crafted auth header wit...
Debian DSA-2002-1 : polipo - denial of service
Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3305 A malicous remote server could cause polipo to crash by sending an invalid Cache-Control heade...
[SECURITY] [DSA 1991-1] New squid/squid3 packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1991-1 [email protected] http://www.debian.org/security/ Steffen Joeris February 04, 2010 http://www.debian.org/security/faq -...
DSA-1991-1 squid squid3 - denial of service
Bulletin has no description...
Sun Java System Web Server 6.17.0 - TRACE Heap Buffer Overflow (PoC)
Sun Java System Web Server 6.17.0 - TRACE Heap Buffer Overflow PoC source: https://www.securityfocus.com/bid/37648/info Sun Java System Web Server is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the affected application or to obtain...
Squid Gopher Protocol Handling Buffer Overflow (CVE-2005-0094)
Squid is a full featured, open source web proxy caching server. It supports proxying of variety of protocols including FTP, HTTP, DNS and Gopher. A vulnerability exists in the way Squid web proxy handles responses from Gopher servers. An overly long line in a Gopher response can overflow a fixed...
Microsoft ISA Server HTTP Content Header (MS05-034; CVE-2005-1215)
The Microsoft Internet Security and Acceleration ISA Server is a firewall and web proxy caching server. While relaying client requests to upstream servers, ISA will keep a copy of the returned content in its cache. When unchanged resources are later requested by web clients, the content is served...
Squid WCCP Message Parsing Denial Of Service (CVE-2005-0095)
Squid is a full featured, open source web proxy caching server. It supports the proxying of a variety of protocols including FTP, Gopher, and HTTP. It also supports the distribution of cached objects through the Web Cache Communication Protocol WCCP. A vulnerability exists in the way the Squid we...
Oracle Java System Web Proxy sockd Daemon Buffer Overflow (CVE-2007-2881)
Java System Web Proxy Server formerly Sun ONE Web Proxy Server is a software product that collects data from the network, determines where that data should go, and distributes it accordingly. A buffer overflow vulnerability exists in the Java System Web Proxy sockd daemon. The vulnerability is du...
DEBIAN-CVE-2009-2855
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function...
Sun Java System Web Proxy Server Detection (HTTP)
Detection of Java System Web Proxy Server. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Sun Java System Web Proxy Server Denial Of Service Vulnerability - Linux
Java Web Proxy Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sun Java System Web Proxy Server Denial Of Service Vulnerability - Windows
Java Web Proxy Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
The Sun Java System SJS Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service daemon crash via a GET request...
多个浏览器WEB代理重定向处理中间人漏洞
Bugraq ID: 35412 CVE ID:CVE-2009-2061 CVE-2009-2062 CVE-2009-2063 多个浏览器处理WEB代理重定向存在中间人攻击。 攻击者可以利用这个漏洞进行钓鱼攻击或获得敏感信息。不过要利用此漏洞,攻击者必须截获或控制网络通信,如通过中间人,DNS毒药等攻击。 如下浏览器受此漏洞影响: Mozilla Firefox prior to 3.0.10 Apple Safari prior to 3.2.2 Opera prior to 9.25 Opera Software Opera Web Browser 8.51 Opera...
DirectAdmin <= v1.33.6 XSS vuln.
Vuln. discovered by : r0t Date: 19 June 2009 vendor:http://www.directadmin.com/ affected versions:v1.33.6 and other versions also can be affected. orginal advisory:http://pridels-team.blogspot.com/2009/06/directadmin-v1336-xss-vuln.html DirectAdmin contains a flaw that allows a remote Cross-Site...
Sun Java System Web Proxy Server Vulnerabilities - Windows
Sun Java Web Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...