CyberSec.Space Logo
Back to CVE Browser

CVE-2005-1121

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile37.26th
PublishedMay 2, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.

Affected Platforms (CPE)

πŸ“¦
Igor Khasilev

Oops Proxy Server

= 1.4.22
πŸ“¦
Igor Khasilev

Oops Proxy Server

= 1.5.19
πŸ“¦
Igor Khasilev

Oops Proxy Server

= 1.5.53
πŸ’»
Gentoo

Linux

All versions

References & Advisories

πŸ”— http://rst.void.ru/papers/advisory24.txt
πŸ”— http://security.gentoo.org/glsa/glsa-200505-02.xml
πŸ”— http://www.debian.org/security/2005/dsa-726
πŸ”— http://www.securityfocus.com/bid/13172
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/20191
πŸ”— http://rst.void.ru/papers/advisory24.txt
πŸ”— http://security.gentoo.org/glsa/glsa-200505-02.xml
πŸ”— http://www.debian.org/security/2005/dsa-726

Related Vulnerabilities

CVE-2001-002810.0

Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary c...

CVE-2001-002910.0

Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands...

CVE-2005-129910.0

The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.

CVE-2005-103710.0

Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.