McAfee Web Gateway and Squid Proxy version 3.1.19 suffer from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.
fd5a23a84846044a1ea5a10e1231aba1d4783081f27119ecd5de07b7485b6ad5
Debian Linux Security Advisory 2304-1 - Ben Hawkes discovered that squid3, a full featured Web Proxy cache (HTTP proxy), is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions (daemon crash) or possibly the execution of arbitrary code with rights of the squid daemon.
d12e9e5264cc5c0d43a122aee60efae5e71d32773d9be898243e6624918f8fa9
In July, hundreds of Chinese proxies on port 8909 started showing up every day on public proxy lists. In August the daily numbers were in the thousands. This is a list of proxies that was collected during that time period.
07734a666e79ddaaebecc4f67e7cc5031501d12f974f42ac3ebd5d805eaaad98
This Metasploit module exploits an Authentication Bypass Vulnerability in RealVNC Server version 4.1.0 and 4.1.1. It sets up a proxy listener on LPORT and proxies to the target server. The AUTOVNC option requires that vncviewer be installed on the attacking machine. This option should be disabled for Pro.
e04dfdae1c144c55bf3ae60b0db55de39d6d8b5d1ffc4b3506d87fa3c3c8e7c6
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
fa7153f409e721608f962300415cd744516afae4772594ad9b060ca5a0cf7718
This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more.
e6d3a1cd8a6fa5f6e9f33e49d57f146a4d4da585e01f24788cee3f1a640ce71a
tor2web is a web proxy tool that promotes the use of Tor hidden services. It is based on the Glype web proxy and is meant to protect publishers.
cce7e40485ff71e300a94f1b33fe17d272c19d30a598f986aa09bd895f2746d5
WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
a78a5a6c40926c354bfc17aab3946366ddedf5ab4bbb887ce855dc666d9bbc86
This Metasploit module exploits a stack buffer overflow in process bcaaa-130.exe (port 16102), which comes as part of the Blue Coat Authentication proxy. Please note that by default, this exploit will attempt up to three times in order to successfully gain remote code execution (in some cases, it takes as many as five times). This can cause your activity to look even more suspicious. To modify the number of exploit attempts, set the ATTEMPTS option.
ba8634a1f89adc72bb1fa6c7125d662b2e0d1e9a7d1b79249e69e1b06460f06e
The software referred to as BCAAA (Blue Coat Authentication and Authorization Agent) is installed on a domain server (not necessarily a domain controller, a member server is enough) and acts as an intermediary between a Blue Coat ProxySG and the domain. The BCAAA Windows Service is vulnerable to a stack-based buffer overflow, which can lead to remote code execution running with SYSTEM privileges. Affected are all versions of BCAAA associated with ProxySG releases 4.2.3, 4.3, 5.2, 5.3, 5.4, 5.5, and 6.1 available prior to April 21, 2011 or with a build number less than 60258. All versions of BCAAA associated with ProxyOne are also vulnerable.
54bac8253d4a2373e84fd3215e027da96d0d0887a6fbb0fdaedba7dac543322f
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
92e2a17dd09e58939f6c299a0c0d7af3c7d2b257ecb922c85bd13e875faf5835
Secunia Security Advisory - A weakness has been reported in Blue Coat ProxySG, which can be exploited by malicious, local users to disclose sensitive information.
0fc47b6f37c8cc3dc241557a451acb2af8d19f702f8f0314068fe18b41b4d356
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
c436df01657b30fe1ee7bb14324e5250adefaaaad8fde5760f95f3db55ae4618
Microsoft Windows Vista/Server 2008 nsiproxy.sys local kernel denial of service exploit.
4c62bc0bdb4613a8d22165e49dbe876c86fa1825bcd8b2047eae3fd7038cecc3
Secunia Security Advisory - Debian has issued an update for tinyproxy. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
2874fc069bfddd22f0505a50e658c87b744525863f8b4d2e6c5b67a1888293d2
Debian Linux Security Advisory 2222-1 - Christoph Martin discovered that incorrect ACL processing in TinyProxy, a lightweight, non-caching, optionally anonymizing HTTP proxy, could lead to unintended network access rights.
cdadeae7250fe46fb3e06995054880c6eda0c65288a77f58a86da67cd8299541
sec-wall is a high-performance security proxy that supports SSL/TLS, WS-Security, HTTP Auth Basic/Digest, extensible authentication schemes based on custom HTTP headers and XPath expressions, powerful URL matching/rewriting, and optional header enrichment. It's a security wall with which you can conveniently fence otherwise defenseless backend servers.
0297ae5a5ab72b01968fb6f36953dc782b1dc5fc91df7729923b47036aaad7da
Secunia Security Advisory - A vulnerability has been reported in HAProxy, which can be exploited by malicious people to cause a DoS (Denial of Service).
6f9b5f7fa1474e7bfb42732af09c14b81ca4a381eac27c592b3d3256918d32b0
Secunia Security Advisory - A security issue has been reported in tinyproxy, which can be exploited by malicious people to bypass certain security restrictions.
276ff43d0011456dd6cd9799a0cb06d638f8fb80fbd1c984fcbef3412f12ae2c
WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
478a1566e4c6f7dc28d734eedcb6ba04390148a32396154c928a3e2488959054
YCrawler is a web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support.
602e299d0d83a27072e94350f35ff2215599c2fc81c708ab79ed31bcc7d34dc0
Zero Day Initiative Advisory 11-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system clipboard hijacking. When in focus, a handle to the system clipboard can be retrieved without user interaction by a malicious component. The clipboard can then be arbitrarily read from or written to. By writing a TransferableProxy object to the system clipboard and then forcing a paste action, arbitrary code can be executed under the context of the user invoking the JRE.
4c46b3ec192f1d813df40166389dd74826a1e212deec18e5d0c463478a0543f9
ctunnel is a program for tunneling and proxying TCP or UDP connections via a cryptographic tunnel. ctunnel can be used to secure any existing TCP or UDP based protocol, such as HTTP, Telnet, FTP, RSH, MySQL, VNC, DNS, XDMCP, NFS, etc. You can also chain or bounce connections to any number of intermediary hosts.
a07bb5f48987ec0cb01d01ae7eb2fc00a06a1928fa25afe3999ceb4398f0941a
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
d44cd28fc087a98056234ac56fc187b6742daa5c20f56bc4d524548042f4b25e
getTorExitNode is a tool that aims at providing torproxy (from tortunnel) with a valid Tor exit node. It returns one or all valid Tor exit nodes. Written in Python.
93f50f1df03039d204ea6ad979133e72a084758137ef36ef12282b90bfb7cb5b
yInjector is a MySQL injection penetration tool. It has multiple features, proxy support, and multiple exploitation methods.
b52774ac099292a94a0f4f4c96f55843e963024e991196b4ce6f06d98c62454c