漏洞描述
Squid存在缓冲区溢出漏洞。当 Squid 配置为接受 HTTP Digest身份验证时,远程攻击者可以通过向内存写入2 MB 的任意数据来执行缓冲区溢出攻击。
Squid Proxy HTTP Digest CVE-2023-46847 缓冲区溢出漏洞
PoC代码
暂无相关漏洞推荐
- vulhub httpd apache 解析漏洞
- Squid 未授权 异常处理不当漏洞 可导致敏感信息泄露
- OAuth2-Proxy 需授权 中和不当漏洞
- POC cl-te-http-smuggling: Basic CL.TE - HTTP request smuggling
- POC te-cl-http-smuggling: Basic TE.CL - HTTP Request Smuggling
- Milvus Proxy 身份验证缺陷漏洞
- OpenSSH ProxyCommand 命令注入漏洞
- MapProxy /demo 文件包含漏洞
- MapProxy存在本地文件包含漏洞
- POC CVE-2001-0537: Cisco IOS HTTP Configuration - Authentication Bypass
- POC CVE-2006-1681: Cherokee HTTPD <=0.5 - Cross-Site Scripting
- POC CVE-2014-2323: Lighttpd 1.4.34 SQL Injection and Path Traversal
- POC CVE-2017-15715: Apache httpd <=2.4.29 - Arbitrary File Upload