McAfee Web Gateway and Squid Proxy version 3.1.19 suffers from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.
fd5a23a84846044a1ea5a10e1231aba1d4783081f27119ecd5de07b7485b6ad5Vulnerable installations of Umbraco allow unauthenticated users to abuse the script FeedProxy.aspx into proxying requests on their behalf through the "url" parameter.
19987edc1f1a1fecf2c9df97f5014d7f25ea604cf74d0337f115ba76e02245bcMandriva Linux Security Advisory 2012-044 - A vulnerability has been found and corrected in cvs. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. The updated packages have been patched to correct this issue.
891ba05686fa17391e069c49ba48e6a0ad5b0eba8fc97db8070e0ddf441eeff7Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.
ac9e7fea81ae9f981e0e3a0a3524dbb37d2aefac198ef4e781a1ffbf6cab1891Secunia Security Advisory - demonalex has discovered a vulnerability in at32 Reverse Proxy, which can be exploited by malicious people to cause a DoS (Denial of Service).
c3da7fb247e5375b4fcafdfffec8e453be2b180a75385dedf217935ca7fceb78at32 Reverse Proxy version 1.060.310 suffers from multiple HTTP header field denial of service vulnerabilities.
19613ca01eb9c3f61b2d576a3e623d93091cc41f733468f29135ad17c1b2a6c5Ubuntu Security Notice 1371-1 - It was discovered that cvs incorrectly handled certain responses from proxy servers. If a user were tricked into connecting to a malicious proxy server, a remote attacker could cause cvs to crash, or possibly execute arbitrary code.
456195625d6524c03923a1457d002d80445f9f034e991f9bbf3bbe3eb73ae6a5DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.
855bcceb07688d98414efd3e963cb6ddd7ed293ef28ec31ac1b5a96d5409d7a9Red Hat Security Advisory 2012-0323-01 - The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request. The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies.
4e6fc0a992e66dc0e093b5bbb0e471ca71ba9957c66f52c0991686dc70659ccdRed Hat Security Advisory 2012-0321-01 - Concurrent Version System is a version control system that can record the history of your files. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. All users of cvs are advised to upgrade to these updated packages, which contain a patch to correct this issue.
286bd54779b5c16c26d69ad0f13809a6a3ffda1eb265fbfeaf74bff12f263554Ubuntu Security Notice 1368-1 - It was discovered that the Apache HTTP Server incorrectly handled the SetEnvIf .htaccess file directive. An attacker having write access to a .htaccess file may exploit this to possibly execute arbitrary code. Prutha Parikh discovered that the mod_proxy module did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to contact internal webservers behind the proxy that were not intended for external exposure. Various other issues were also addressed.
fa8c135df3525e7c504b7b8471eb4ffb02bbcb4cef2d2668c2621785aaf45c6cRed Hat Security Advisory 2012-0128-01 - The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially-crafted URI. The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies.
47e04bdea922f45dbb611a67d0f33763ce878e42f56c0cde78a5dc761c2218f2Secunia Security Advisory - Red Hat has issued an update for Red Hat Network Proxy. This fixes a weakness, which can be exploited by malicious users to disclose certain sensitive information.
dd5b7e628342e61116eb49a673e516763c751149baee3c3bd7b3e5340c857f9cRed Hat Security Advisory 2012-0102-01 - Red Hat Network Proxy provides a mechanism for caching content, such as package updates from Red Hat or custom content created for an organization on an internal, centrally-located server. If a user submitted a system registration XML-RPC call to an RHN Proxy server and that call failed, their RHN user password was included in plain text in the error messages both stored in the server log and mailed to the server administrator. With this update, user passwords are excluded from these error messages to avoid the exposure of authentication credentials.
37f7e303099d5969d003d6e0c8fbd2ff0aa151afe8c4376919c05979495ea3d8Mandriva Linux Security Advisory 2012-013 - Security issues were identified and fixed in mozilla firefox and thunderbird. Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. Various other issues were also addressed.
5c13b7ef97165e75959f465d2ce9e3b748e6c52f37c5fb1421c22c9982237007Red Hat Security Advisory 2012-0085-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. The same-origin policy in Thunderbird treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
fe4d73c0e1fcfc4fc1ff96734d69098c1227b4827555ab95f7dcc0b4b1d719bfRed Hat Security Advisory 2012-0084-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. The same-origin policy in SeaMonkey treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
39ff68cd83efc384bf01448850de7e3a08a5b5755f99a6396e8299ecd7c70391Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
05c0dd91dd29762f5e296d14459621c31954abd49ee245eed81ed44d3cf305aeDebian Linux Security Advisory 2393-1 - Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users.
aa0e1e2a4fec81c893d4428c6732094a2f6aba097136844a5a8ecb22a2e06f1fMandriva Linux Security Advisory 2012-003 - Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a.htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of RewriteRule and ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an \@ character and a : character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. The updated packages have been patched to correct these issues.
c67cf79a3c62b81057754ad363ae14900efdb1f1fcbad2d4c3fd00086a37d2b6iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
09fff7dfe6af95675474fd5d0fc67622fac5a0f3d6e02ee614deae9a2e5dae13Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
0ad25e3652e22117abbc17a70b5d8913e05991318a5506bc7437e662616fdf21NiX API is a powerful anti-proxy, anti-fraud, and IP reputation lookup API. It uses the NiX database at cli.nixapi.com to determine IP country/region/city, data center details, satellite provider details, open proxy details, and Tor network association.
474102596a87d21818c553be365a5aee27299455bc52719a27f2ca79bcfa0979Ubuntu Security Notice 1295-1 - It was discovered that Dovecot incorrectly validated certificate hostnames when being used as a POP3 and IMAP proxy. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.
6537b446fcea6b049718ea977697f880df756abeecdad9dba3605ca876e59b50This is a brief whitepaper that discusses how to root your Android phone and then set up proxying to test applications.
f68c4b71c20e99d858dfdd4434e216dfb1a4faefc63513a24ed2369fae56e59cRed Hat Security Advisory 2011-1791-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. An input validation flaw was found in the way Squid calculated the total number of resource records in the answer section of multiple name server responses. An attacker could use this flaw to cause Squid to crash. Users of squid should upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.
9462f28ff2caece7931bb6bc345528dd2407fca7d2940e8d4d8ed21ebb083998
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed