SecuritySpace - CVE-2009-0802

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-0802

Description: Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

Test IDs: 1.3.6.1.4.1.25623.1.0.900325

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-0802
CERT/CC vulnerability note: VU#435052
http://www.kb.cert.org/vuls/id/435052
BugTraq ID: 33858
http://www.securityfocus.com/bid/33858

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

CVE ID:	CVE-2009-0802
Description:	Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Test IDs:	1.3.6.1.4.1.25623.1.0.900325
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0802 CERT/CC vulnerability note: VU#435052 http://www.kb.cert.org/vuls/id/435052 BugTraq ID: 33858 http://www.securityfocus.com/bid/33858