CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-5622

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1350%
EPSS Percentile23.41th
Published2007年10月29日
Last Modified2026年4月23日

Vulnerability Description

Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy.

Affected Platforms (CPE)

📦
3proxy

3proxy

= 0.5
📦
3proxy

3proxy

= 0.5.1
📦
3proxy

3proxy

= 0.5.2
📦
3proxy

3proxy

= 0.5.3g
📦
3proxy

3proxy

= 0.5.3h
📦
3proxy

3proxy

= 0.5.3i

References & Advisories

🔗 http://3proxy.ru/0.5.3j/Changelog.txt
🔗 http://bugs.gentoo.org/show_bug.cgi?id=196772
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066985.html
🔗 http://osvdb.org/41870
🔗 http://secunia.com/advisories/27353
🔗 http://secunia.com/advisories/27607
🔗 http://security.gentoo.org/glsa/glsa-200711-13.xml
🔗 http://www.securityfocus.com/archive/1/482697/100/0/threaded

相關漏洞威脅

CVE-2007-203110.0

Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers t...

CVE-2019-144959.8

webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the admin interface.

CVE-2006-69815.0

3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a denial of service (blocked accou...

CVE-2006-69825.0

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC...