CyberSec.Space Logo
Back to CVE Browser

CVE-2007-5622

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1350%
EPSS Percentile23.41th
PublishedOct 29, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy.

Affected Platforms (CPE)

πŸ“¦
3proxy

3proxy

= 0.5
πŸ“¦
3proxy

3proxy

= 0.5.1
πŸ“¦
3proxy

3proxy

= 0.5.2
πŸ“¦
3proxy

3proxy

= 0.5.3g
πŸ“¦
3proxy

3proxy

= 0.5.3h
πŸ“¦
3proxy

3proxy

= 0.5.3i

References & Advisories

πŸ”— http://3proxy.ru/0.5.3j/Changelog.txt
πŸ”— http://bugs.gentoo.org/show_bug.cgi?id=196772
πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066985.html
πŸ”— http://osvdb.org/41870
πŸ”— http://secunia.com/advisories/27353
πŸ”— http://secunia.com/advisories/27607
πŸ”— http://security.gentoo.org/glsa/glsa-200711-13.xml
πŸ”— http://www.securityfocus.com/archive/1/482697/100/0/threaded

Related Vulnerabilities

CVE-2007-203110.0

Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers t...

CVE-2019-144959.8

webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the admin interface.

CVE-2006-69815.0

3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a denial of service (blocked accou...

CVE-2006-69825.0

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC...