Searching proxy software vulnerabilities

Delegate proxy 5.9.3 and earlier creates files

Delegate | proxy |

Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions.


The telnet proxy in RideWay PN proxy server all

connections | malformed | attackers | requests | service | RideWay | contain | denial | server | telnet | remote | allows | cause | proxy | flood | via |

The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via a flood of connections that contain malformed requests.


Buffer overflows in Avirt Gateway Suite 4.2 all

attackers | arbitrary | overflows | possibly | service | Gateway | execute | denial | remote | Buffer | Suite | Avirt | cause | allow | code | via |

Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.


Vulnerability in Squid before 2.4.STABLE6 relat

authentication | Vulnerability | credentials | 24STABLE6 | password | related | remote | obtain | user's | before | sites | login | proxy | Squid | allow | may | web |

Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.


The HTTP proxy for Symantec Enterprise Firewall

Enterprise | Firewall | Symantec | proxy | HTTP |

The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.


Buffer overflow in AnalogX Proxy 4.13 allows re

overflow | AnalogX | Buffer | Proxy |

Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588.


BEA WebLogic Server proxy plugin for BEA Weblog

attackers | WebLogic | Express | through | service | remote | Server | denial | plugin | allows | cause | proxy | BEA |

BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL.


HTTP Proxy in Sambar Server before 6.0 beta 6,

securityini | Server | before | Sambar | lacks | Proxy | HTTP | beta |

HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.


The Telnet proxy in 602 Lan Suite 2004.0.04.090

Telnet | proxy |

The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop.


Firefox before 1.0 and Mozilla before 1.7.5, wh

Mozilla | Firefox | before |

Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.


eXeem 0.21 stores sensitive information such as

eXeem |

eXeem 0.21 stores sensitive information such as passwords in plaintext in the Exeem registry key, which allows local users to gain privileges via the proxy_user and proxy_password values.


Buffer overflow in Sun Java System Web Proxy Se

overflow | System | Server | Buffer | Proxy | Java | Sun | Web |

Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors.


The HTTP proxy service in Server Admin for Mac

service | Server | Admin | proxy | HTTP | Mac |

The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy.


ExoticSoft FilePocket 1.2 stores sensitive prox

information | privileges | ExoticSoft | FilePocket | passwords | plaintext | including | sensitive | registry | allows | stores | users | proxy | which | local | gain |

ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges.


The HTTP proxy in Astaro Security Linux 6.0 all

Proxy-authorization | information | attackers | sensitive | Security | message | invalid | reveals | request | remote | allows | string | Astaro | obtain | error | Linux | proxy | which | HTTP | via |

The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.


Microsoft Internet Explorer 5.01, 5.5, and 6, w

Microsoft | Explorer | Internet |

Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."


Sun Update Connection in Sun Solaris 10, when c

authentication | configured | Connection | password | Solaris | allows | obtain | Update | users | local | proxy | Sun | via | web | use |

Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files.


The Kernel SSL Proxy service (svc:/network/ssl/

service | Kernel | Proxy | SSL |

The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before Tuesday, September 26, 2006 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.


Multiple stack-based buffer overflows in the SO

stack-based | overflows | Multiple | support | buffer | proxy | SOCKS |

Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.


The date handling code in modules/proxy/proxy_u

modules/proxy/proxy_utilc | handling | date | code |

The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.


Software vulnerabilities results 1 to 20 of 167     
Page: 12345...9