CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0028

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1260%
EPSS Percentile43.67th
PublishedFeb 12, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.

Affected Platforms (CPE)

πŸ“¦
Igor Khasilev

Oops Proxy Server

= 1.4.22

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-12/0127.html
πŸ”— http://archives.neohapsis.com/archives/freebsd/2000-12/0418.html
πŸ”— http://www.securityfocus.com/bid/2099
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5725
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-12/0127.html
πŸ”— http://archives.neohapsis.com/archives/freebsd/2000-12/0418.html
πŸ”— http://www.securityfocus.com/bid/2099
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5725

Related Vulnerabilities

CVE-2001-002910.0

Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands...

CVE-2005-11215.0

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth func...

CVE-2001-002110.0

MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate...

CVE-2001-003210.0

Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privil...