Lucene search

Webproxy Security Vulnerabilities

cve

CVE-2004-0492

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

8.1AI Score

0.012EPSS

2004-08-06 04:00 AM

290

cve

CVE-2004-1082

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

8.1AI Score

0.003EPSS

2005-04-21 04:00 AM

125

cve

CVE-2005-3654

Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap.

7.8AI Score

0.345EPSS

2006-01-06 12:00 AM

cve

CVE-2005-4085

Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

7.7AI Score

0.578EPSS

2006-01-06 11:00 AM

cve

CVE-2008-3255

Cross-site scripting (XSS) vulnerability in LunarNight Laboratory WebProxy 1.7.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.7AI Score

0.002EPSS

2008-07-22 04:41 PM

cve

CVE-2018-0542

Directory traversal vulnerability in WebProxy version 1.7.8 allows an attacker to read arbitrary files via unspecified vectors.

7.5CVSS

7.3AI Score

0.002EPSS

2018-03-22 01:29 PM