Vulnerability Name:

CVE-2005-1121 (CCN-20191)

Assigned:2005-04-14
Published:2005-04-14
Updated:2017-07-11
Summary:Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-1121

Source: CCN
Type: OOPS! Proxy Server Web site
OOPS! Proxy Server Homesite

Source: MISC
Type: Exploit, Patch, Vendor Advisory
http://rst.void.ru/papers/advisory24.txt

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200505-02

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-726

Source: DEBIAN
Type: DSA-726
oops -- format string vulnerability

Source: CCN
Type: GLSA-200505-02
Oops!: Remote code execution

Source: BID
Type: Patch
13172

Source: CCN
Type: BID-13172
Oops! Proxy Server Auth Remote Format String Vulnerability

Source: XF
Type: UNKNOWN
oops-format-string(20191)

Source: XF
Type: UNKNOWN
oops-format-string(20191)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:igor_khasilev:oops_proxy_server:1.4.22:*:*:*:*:*:*:*
  • OR cpe:/a:igor_khasilev:oops_proxy_server:1.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:igor_khasilev:oops_proxy_server:1.5.53:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2005-1121 (CCN-20461)

    Assigned:2005-05-06
    Published:2005-05-06
    Updated:2005-05-06
    Summary:Igor Khasilev's Oops! Proxy Server is vulnerable to a format string attack caused by a vulnerability in the passwd_mysql and passwd_pgsql modules in the auth() function. A remote attacker could send a specially-crafted HTTP request to execute arbitrary code on the system.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): None
    Integrity (I): Partial
    Availibility (A): None
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2005-1121

    Source: CCN
    Type: Oops! Proxy Server Download Web page
    Oops! Proxy server homesite

    Source: DEBIAN
    Type: DSA-726
    oops -- format string vulnerability

    Source: CCN
    Type: GLSA-200505-02
    Oops!: Remote code execution

    Source: CCN
    Type: BID-13172
    Oops! Proxy Server Auth Remote Format String Vulnerability

    Source: XF
    Type: UNKNOWN
    oops-auth-format-string(20461)

    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.debian:def:726
    V
    		format string vulnerability
    2005-05-20
    BACK
    igor_khasilev oops proxy server 1.4.22
    igor_khasilev oops proxy server 1.5.19
    igor_khasilev oops proxy server 1.5.53
    gentoo linux *