Search
Find a vulnerability
Search criteria
6 vulnerabilities found for anon_proxy_server by anon_proxy_server
CVE-2008-0633 (GCVE-0-2008-0633)
Vulnerability from nvd – Published: 2008-02-06 20:00 – Updated: 2024-08-07 07:54
VLAI
Summary
Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3618 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/27593 | vdb-entryx_refsource_BID |
| https://sourceforge.net/project/shownotes.php?gro… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/487446/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-02-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3618",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3618"
},
{
"name": "27593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27593"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924"
},
{
"name": "20080203 Anon Proxy Server \u003c= 0.102 remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487446/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3618",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3618"
},
{
"name": "27593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27593"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924"
},
{
"name": "20080203 Anon Proxy Server \u003c= 0.102 remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487446/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3618",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3618"
},
{
"name": "27593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27593"
},
{
"name": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924"
},
{
"name": "20080203 Anon Proxy Server \u003c= 0.102 remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487446/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0633",
"datePublished": "2008-02-06T20:00:00.000Z",
"dateReserved": "2008-02-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:22.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6459 (GCVE-0-2007-6459)
Vulnerability from nvd – Published: 2007-12-20 00:00 – Updated: 2024-08-07 16:11
VLAI
Summary
Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/485151/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/43711 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/43712 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/26882 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/3463 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/4734 | exploitx_refsource_EXPLOIT-DB |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:04.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071214 Anon Proxy Server - Remote Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded"
},
{
"name": "43711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43711"
},
{
"name": "43712",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43712"
},
{
"name": "26882",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26882"
},
{
"name": "3463",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3463"
},
{
"name": "4734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4734"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20071214 Anon Proxy Server - Remote Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded"
},
{
"name": "43711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43711"
},
{
"name": "43712",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43712"
},
{
"name": "26882",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26882"
},
{
"name": "3463",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3463"
},
{
"name": "4734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4734"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071214 Anon Proxy Server - Remote Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded"
},
{
"name": "43711",
"refsource": "OSVDB",
"url": "http://osvdb.org/43711"
},
{
"name": "43712",
"refsource": "OSVDB",
"url": "http://osvdb.org/43712"
},
{
"name": "26882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26882"
},
{
"name": "3463",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3463"
},
{
"name": "4734",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4734"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6459",
"datePublished": "2007-12-20T00:00:00.000Z",
"dateReserved": "2007-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:04.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6460 (GCVE-0-2007-6460)
Vulnerability from nvd – Published: 2007-12-20 00:00 – Updated: 2024-09-16 23:56
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://anonproxyserver.svn.sourceforge.net/viewvc… | x_refsource_CONFIRM |
| http://anonproxyserver.svn.sourceforge.net/viewvc… | x_refsource_CONFIRM |
| http://sourceforge.net/forum/forum.php?forum_id=761265 | x_refsource_CONFIRM |
| http://anonproxyserver.svn.sourceforge.net/viewvc… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:05.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=761265"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-12-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=761265"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325",
"refsource": "CONFIRM",
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325"
},
{
"name": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325",
"refsource": "CONFIRM",
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=761265",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=761265"
},
{
"name": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/",
"refsource": "CONFIRM",
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6460",
"datePublished": "2007-12-20T00:00:00.000Z",
"dateReserved": "2007-12-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:56:24.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0633 (GCVE-0-2008-0633)
Vulnerability from cvelistv5 – Published: 2008-02-06 20:00 – Updated: 2024-08-07 07:54
VLAI
Summary
Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3618 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/27593 | vdb-entryx_refsource_BID |
| https://sourceforge.net/project/shownotes.php?gro… | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/487446/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-02-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3618",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3618"
},
{
"name": "27593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27593"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924"
},
{
"name": "20080203 Anon Proxy Server \u003c= 0.102 remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487446/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3618",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3618"
},
{
"name": "27593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27593"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924"
},
{
"name": "20080203 Anon Proxy Server \u003c= 0.102 remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487446/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3618",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3618"
},
{
"name": "27593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27593"
},
{
"name": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/project/shownotes.php?group_id=138780\u0026release_id=571924"
},
{
"name": "20080203 Anon Proxy Server \u003c= 0.102 remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487446/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0633",
"datePublished": "2008-02-06T20:00:00.000Z",
"dateReserved": "2008-02-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:22.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6459 (GCVE-0-2007-6459)
Vulnerability from cvelistv5 – Published: 2007-12-20 00:00 – Updated: 2024-08-07 16:11
VLAI
Summary
Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/485151/100… | mailing-listx_refsource_BUGTRAQ |
| http://osvdb.org/43711 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/43712 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/26882 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/3463 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/4734 | exploitx_refsource_EXPLOIT-DB |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:04.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071214 Anon Proxy Server - Remote Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded"
},
{
"name": "43711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43711"
},
{
"name": "43712",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43712"
},
{
"name": "26882",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26882"
},
{
"name": "3463",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3463"
},
{
"name": "4734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4734"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20071214 Anon Proxy Server - Remote Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded"
},
{
"name": "43711",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43711"
},
{
"name": "43712",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43712"
},
{
"name": "26882",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26882"
},
{
"name": "3463",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3463"
},
{
"name": "4734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4734"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071214 Anon Proxy Server - Remote Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded"
},
{
"name": "43711",
"refsource": "OSVDB",
"url": "http://osvdb.org/43711"
},
{
"name": "43712",
"refsource": "OSVDB",
"url": "http://osvdb.org/43712"
},
{
"name": "26882",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26882"
},
{
"name": "3463",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3463"
},
{
"name": "4734",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4734"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6459",
"datePublished": "2007-12-20T00:00:00.000Z",
"dateReserved": "2007-12-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:04.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6460 (GCVE-0-2007-6460)
Vulnerability from cvelistv5 – Published: 2007-12-20 00:00 – Updated: 2024-09-16 23:56
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://anonproxyserver.svn.sourceforge.net/viewvc… | x_refsource_CONFIRM |
| http://anonproxyserver.svn.sourceforge.net/viewvc… | x_refsource_CONFIRM |
| http://sourceforge.net/forum/forum.php?forum_id=761265 | x_refsource_CONFIRM |
| http://anonproxyserver.svn.sourceforge.net/viewvc… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:05.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=761265"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-12-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=761265"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325",
"refsource": "CONFIRM",
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245\u0026r2=325"
},
{
"name": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325",
"refsource": "CONFIRM",
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284\u0026r2=325"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=761265",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=761265"
},
{
"name": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/",
"refsource": "CONFIRM",
"url": "http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6460",
"datePublished": "2007-12-20T00:00:00.000Z",
"dateReserved": "2007-12-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:56:24.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}