CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-1121

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile37.26th
Published2005年5月2日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.

Affected Platforms (CPE)

📦
Igor Khasilev

Oops Proxy Server

= 1.4.22
📦
Igor Khasilev

Oops Proxy Server

= 1.5.19
📦
Igor Khasilev

Oops Proxy Server

= 1.5.53
💻
Gentoo

Linux

All versions

References & Advisories

🔗 http://rst.void.ru/papers/advisory24.txt
🔗 http://security.gentoo.org/glsa/glsa-200505-02.xml
🔗 http://www.debian.org/security/2005/dsa-726
🔗 http://www.securityfocus.com/bid/13172
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/20191
🔗 http://rst.void.ru/papers/advisory24.txt
🔗 http://security.gentoo.org/glsa/glsa-200505-02.xml
🔗 http://www.debian.org/security/2005/dsa-726

相關漏洞威脅

CVE-2001-002810.0

Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary c...

CVE-2001-002910.0

Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands...

CVE-2005-266810.0

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before...

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...