exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

McAfee Web Gateway And Squid Proxy 3.1.19 Bypass
Posted Apr 13, 2012
Authored by Gabriel Menezes Nunes

McAfee Web Gateway and Squid Proxy version 3.1.19 suffers from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.

tags | exploit, web, proof of concept, bypass
systems | unix
advisories | CVE-2012-2212, CVE-2012-2213
SHA-256 | fd5a23a84846044a1ea5a10e1231aba1d4783081f27119ecd5de07b7485b6ad5

Related Files

Umbraco 4.x Open Proxy
Posted Apr 6, 2012
Authored by Florent Daigniere | Site trustmatta.com

Vulnerable installations of Umbraco allow unauthenticated users to abuse the script FeedProxy.aspx into proxying requests on their behalf through the "url" parameter.

tags | advisory
advisories | CVE-2012-1301
SHA-256 | 19987edc1f1a1fecf2c9df97f5014d7f25ea604cf74d0337f115ba76e02245bc
Mandriva Linux Security Advisory 2012-044
Posted Mar 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-044 - A vulnerability has been found and corrected in cvs. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. The updated packages have been patched to correct this issue.

tags | advisory, web, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-0804
SHA-256 | 891ba05686fa17391e069c49ba48e6a0ad5b0eba8fc97db8070e0ddf441eeff7
Proxy Check 02122011
Posted Mar 21, 2012
Authored by Alejandro Ramos | Site securitybydefault.com

Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.

tags | tool, web, scanner
systems | linux, unix
SHA-256 | ac9e7fea81ae9f981e0e3a0a3524dbb37d2aefac198ef4e781a1ffbf6cab1891
Secunia Security Advisory 48460
Posted Mar 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - demonalex has discovered a vulnerability in at32 Reverse Proxy, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | c3da7fb247e5375b4fcafdfffec8e453be2b180a75385dedf217935ca7fceb78
at32 Reverse Proxy 1.060.310 Denial Of Service
Posted Mar 19, 2012
Authored by demonalex

at32 Reverse Proxy version 1.060.310 suffers from multiple HTTP header field denial of service vulnerabilities.

tags | exploit, web, denial of service, vulnerability
SHA-256 | 19613ca01eb9c3f61b2d576a3e623d93091cc41f733468f29135ad17c1b2a6c5
Ubuntu Security Notice USN-1371-1
Posted Feb 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1371-1 - It was discovered that cvs incorrectly handled certain responses from proxy servers. If a user were tricked into connecting to a malicious proxy server, a remote attacker could cause cvs to crash, or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0804
SHA-256 | 456195625d6524c03923a1457d002d80445f9f034e991f9bbf3bbe3eb73ae6a5
DNSChef 0.1
Posted Feb 22, 2012
Authored by Peter Kacherginsky | Site thesprawl.org

DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.

tags | local
systems | unix
SHA-256 | 855bcceb07688d98414efd3e963cb6ddd7ed293ef28ec31ac1b5a96d5409d7a9
Red Hat Security Advisory 2012-0323-01
Posted Feb 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0323-01 - The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request. The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2011-3607, CVE-2011-3639, CVE-2012-0031, CVE-2012-0053
SHA-256 | 4e6fc0a992e66dc0e093b5bbb0e471ca71ba9957c66f52c0991686dc70659ccd
Red Hat Security Advisory 2012-0321-01
Posted Feb 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0321-01 - Concurrent Version System is a version control system that can record the history of your files. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. All users of cvs are advised to upgrade to these updated packages, which contain a patch to correct this issue.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-0804
SHA-256 | 286bd54779b5c16c26d69ad0f13809a6a3ffda1eb265fbfeaf74bff12f263554
Ubuntu Security Notice USN-1368-1
Posted Feb 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1368-1 - It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. Prutha Parikh discovered that the mod_proxy module did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | fa8c135df3525e7c504b7b8471eb4ffb02bbcb4cef2d2668c2621785aaf45c6c
Red Hat Security Advisory 2012-0128-01
Posted Feb 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0128-01 - The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially-crafted URI. The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2011-3607, CVE-2011-3639, CVE-2011-4317, CVE-2012-0031, CVE-2012-0053
SHA-256 | 47e04bdea922f45dbb611a67d0f33763ce878e42f56c0cde78a5dc761c2218f2
Secunia Security Advisory 47906
Posted Feb 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for Red Hat Network Proxy. This fixes a weakness, which can be exploited by malicious users to disclose certain sensitive information.

tags | advisory
systems | linux, redhat
SHA-256 | dd5b7e628342e61116eb49a673e516763c751149baee3c3bd7b3e5340c857f9c
Red Hat Security Advisory 2012-0102-01
Posted Feb 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0102-01 - Red Hat Network Proxy provides a mechanism for caching content, such as package updates from Red Hat or custom content created for an organization on an internal, centrally-located server. If a user submitted a system registration XML-RPC call to an RHN Proxy server and that call failed, their RHN user password was included in plain text in the error messages both stored in the server log and mailed to the server administrator. With this update, user passwords are excluded from these error messages to avoid the exposure of authentication credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0059
SHA-256 | 37f7e303099d5969d003d6e0c8fbd2ff0aa151afe8c4376919c05979495ea3d8
Mandriva Linux Security Advisory 2012-013
Posted Feb 4, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-013 - Security issues were identified and fixed in mozilla firefox and thunderbird. Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2011-3659, CVE-2011-3670, CVE-2012-0442, CVE-2012-0443, CVE-2012-0444, CVE-2012-0445, CVE-2012-0446, CVE-2012-0447, CVE-2012-0449, CVE-2012-0450
SHA-256 | 5c13b7ef97165e75959f465d2ce9e3b748e6c52f37c5fb1421c22c9982237007
Red Hat Security Advisory 2012-0085-01
Posted Feb 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0085-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. The same-origin policy in Thunderbird treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3670, CVE-2012-0442
SHA-256 | fe4d73c0e1fcfc4fc1ff96734d69098c1227b4827555ab95f7dcc0b4b1d719bf
Red Hat Security Advisory 2012-0084-01
Posted Feb 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0084-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. The same-origin policy in SeaMonkey treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3670, CVE-2012-0442
SHA-256 | 39ff68cd83efc384bf01448850de7e3a08a5b5755f99a6396e8299ecd7c70391
Zorp Proxy Firewall Suite 3.9.3
Posted Jan 29, 2012
Authored by Balazs Scheidler | Site balabit.com

Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Changes: This release fixes passphrase handling of trusted CA private keys and removes support for obsolete Linux versions and Solaris.
tags | tool, firewall
systems | unix
SHA-256 | 05c0dd91dd29762f5e296d14459621c31954abd49ee245eed81ed44d3cf305ae
Debian Security Advisory 2393-1
Posted Jan 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2393-1 - Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2012-0806
SHA-256 | aa0e1e2a4fec81c893d4428c6732094a2f6aba097136844a5a8ecb22a2e06f1f
Mandriva Linux Security Advisory 2012-003
Posted Jan 10, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-003 - Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a.htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of RewriteRule and ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an \@ character and a : character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, overflow, local
systems | linux, mandriva
advisories | CVE-2011-3607, CVE-2011-4317
SHA-256 | c67cf79a3c62b81057754ad363ae14900efdb1f1fcbad2d4c3fd00086a37d2b6
Linux IPTables Firewall 1.4.12.2
Posted Jan 6, 2012
Site iptables.org

iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

Changes: A handful of fixes were made in the option parser. Additional pkgconfig files are now available for libiptc.
tags | tool, firewall
systems | linux
SHA-256 | 09fff7dfe6af95675474fd5d0fc67622fac5a0f3d6e02ee614deae9a2e5dae13
Pound Reverse HTTP Proxy 2.6
Posted Dec 29, 2011
Authored by roseg | Site apsis.ch

Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.

Changes: Support for SNI via multiple Cert directives. A pre-defined number of threads for better performance on small hardware. Translation of hexadecimal characters in the URL for pattern matching. Support for a "Disabled" directive in the configuration. More detailed error logging. Allows multiple AddHeader directives.
tags | tool, web
systems | linux
SHA-256 | 0ad25e3652e22117abbc17a70b5d8913e05991318a5506bc7437e662616fdf21
NiX API Script
Posted Dec 20, 2011
Site nixapi.com

NiX API is a powerful anti-proxy, anti-fraud, and IP reputation lookup API. It uses the NiX database at cli.nixapi.com to determine IP country/region/city, data center details, satellite provider details, open proxy details, and Tor network association.

tags | tool, scanner
systems | unix
SHA-256 | 474102596a87d21818c553be365a5aee27299455bc52719a27f2ca79bcfa0979
Ubuntu Security Notice USN-1295-1
Posted Dec 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1295-1 - It was discovered that Dovecot incorrectly validated certificate hostnames when being used as a POP3 and IMAP proxy. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

tags | advisory, remote, imap
systems | linux, ubuntu
advisories | CVE-2011-4318
SHA-256 | 6537b446fcea6b049718ea977697f880df756abeecdad9dba3605ca876e59b50
Pentesting Android Mobile Applications
Posted Dec 7, 2011
Authored by Khushboo Sharma

This is a brief whitepaper that discusses how to root your Android phone and then set up proxying to test applications.

tags | paper, root
SHA-256 | f68c4b71c20e99d858dfdd4434e216dfb1a4faefc63513a24ed2369fae56e59c
Red Hat Security Advisory 2011-1791-01
Posted Dec 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1791-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. An input validation flaw was found in the way Squid calculated the total number of resource records in the answer section of multiple name server responses. An attacker could use this flaw to cause Squid to crash. Users of squid should upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2011-4096
SHA-256 | 9462f28ff2caece7931bb6bc345528dd2407fca7d2940e8d4d8ed21ebb083998
Page 2 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close