Find a vulnerability
Search criteria
3 vulnerabilities by anonymityanywhere
VAR-200903-0004
Vulnerability from variot - Updated: 2025-04-10 23:03TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration. TorK is prone to multiple insecure-configuration vulnerabilities because of several default configuration options used by the Privoxy web proxy server. Attackers can exploit these issues to bypass proxy filter rules or modify user-defined configuration values. These issues affect versions prior to TorK 0.22. TorK is a powerful KDE desktop anonymous management tool. It is possible to browse the web anonymously through a browser and send anonymous emails from the MixMinion network. You can use ssh, IRC chat tools and IM instant messaging tools anonymously. And can control and monitor anonymous traffic on the Tor network through TorK. This configuration file contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200903-0004",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tork",
"scope": "eq",
"trust": 1.6,
"vendor": "anonymityanywhere",
"version": "0.22"
},
{
"model": "tork",
"scope": "lt",
"trust": 0.8,
"vendor": "anonymityanywhere",
"version": "0.22"
},
{
"model": "mac os x",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "windows",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "tork",
"scope": "eq",
"trust": 0.3,
"vendor": "tork",
"version": "0.21"
},
{
"model": "vidalia",
"scope": "eq",
"trust": 0.3,
"vendor": "tor",
"version": "0"
},
{
"model": "tork",
"scope": "ne",
"trust": 0.3,
"vendor": "tork",
"version": "0.22"
},
{
"model": "vidalia",
"scope": "ne",
"trust": 0.3,
"vendor": "tor",
"version": "0.1.2.18"
}
],
"sources": [
{
"db": "BID",
"id": "26386"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:anonymityanywhere:tork",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vidalia Project",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
}
],
"trust": 0.6
},
"cve": "CVE-2007-6723",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-6723",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-30085",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6723",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-6723",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200903-530",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-30085",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30085"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration. TorK is prone to multiple insecure-configuration vulnerabilities because of several default configuration options used by the Privoxy web proxy server. \nAttackers can exploit these issues to bypass proxy filter rules or modify user-defined configuration values. \nThese issues affect versions prior to TorK 0.22. TorK is a powerful KDE desktop anonymous management tool. It is possible to browse the web anonymously through a browser and send anonymous emails from the MixMinion network. You can use ssh, IRC chat tools and IM instant messaging tools anonymously. And can control and monitor anonymous traffic on the Tor network through TorK. This configuration file contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6723"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "BID",
"id": "26386"
},
{
"db": "VULHUB",
"id": "VHN-30085"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6723",
"trust": 2.8
},
{
"db": "BID",
"id": "26386",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "48694",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530",
"trust": 0.7
},
{
"db": "MLIST",
"id": "[OR-TALK] 20071031 INSECURE PRIVOXY CONFIGURATION IN VIDALIA BUNDLES PRIOR TO 0.1.2.18",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OR-TALK] 20071031 RE: INSECURE PRIVOXY CONFIGURATION IN VIDALIA BUNDLES PRIOR TO 0.1.2.18",
"trust": 0.6
},
{
"db": "XF",
"id": "42280",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-30085",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30085"
},
{
"db": "BID",
"id": "26386"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"id": "VAR-200903-0004",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-30085"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:03:13.271000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.torproject.org/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.apple.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.microsoft.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-16",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30085"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://archives.seul.org/or/talk/oct-2007/msg00291.html"
},
{
"trust": 1.9,
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/26386"
},
{
"trust": 1.7,
"url": "http://archives.seul.org/or/talk/oct-2007/msg00296.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/48694"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6723"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6723"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/42280"
},
{
"trust": 0.3,
"url": "http://www.privoxy.org/"
},
{
"trust": 0.3,
"url": "http://www.torproject.org/index.html.en"
},
{
"trust": 0.3,
"url": "http://www.anonymityanywhere.com/tork/index.php?option=com_frontpage\u0026itemid=28"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026amp;group_id=159836"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30085"
},
{
"db": "BID",
"id": "26386"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-30085"
},
{
"db": "BID",
"id": "26386"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-03-31T00:00:00",
"db": "VULHUB",
"id": "VHN-30085"
},
{
"date": "2007-11-08T00:00:00",
"db": "BID",
"id": "26386"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"date": "2009-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"date": "2009-03-31T17:30:00.327000",
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-30085"
},
{
"date": "2016-07-05T22:00:00",
"db": "BID",
"id": "26386"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002717"
},
{
"date": "2009-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-530"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-6723"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on TorK Vulnerabilities whose settings are changed",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002717"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "26386"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-530"
}
],
"trust": 0.9
}
}
CVE-2007-6723 (GCVE-0-2007-6723)
Vulnerability from nvd – Published: 2009-03-31 17:00 – Updated: 2024-08-07 16:18- n/a
| URL | Tags |
|---|---|
| http://archives.seul.org/or/talk/Oct-2007/msg00291.html | mailing-listx_refsource_MLIST |
| http://archives.seul.org/or/talk/Oct-2007/msg00296.html | mailing-listx_refsource_MLIST |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/48694 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/26386 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00291.html"
},
{
"name": "[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00296.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"name": "tork-privoxy-security-bypass(42280)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"name": "48694",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/48694"
},
{
"name": "26386",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00291.html"
},
{
"name": "[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00296.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"name": "tork-privoxy-security-bypass(42280)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"name": "48694",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/48694"
},
{
"name": "26386",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26386"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00291.html"
},
{
"name": "[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00296.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"name": "tork-privoxy-security-bypass(42280)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"name": "48694",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/48694"
},
{
"name": "26386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26386"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6723",
"datePublished": "2009-03-31T17:00:00.000Z",
"dateReserved": "2009-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:18:20.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6723 (GCVE-0-2007-6723)
Vulnerability from cvelistv5 – Published: 2009-03-31 17:00 – Updated: 2024-08-07 16:18- n/a
| URL | Tags |
|---|---|
| http://archives.seul.org/or/talk/Oct-2007/msg00291.html | mailing-listx_refsource_MLIST |
| http://archives.seul.org/or/talk/Oct-2007/msg00296.html | mailing-listx_refsource_MLIST |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/48694 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/26386 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00291.html"
},
{
"name": "[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00296.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"name": "tork-privoxy-security-bypass(42280)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"name": "48694",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/48694"
},
{
"name": "26386",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00291.html"
},
{
"name": "[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00296.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"name": "tork-privoxy-security-bypass(42280)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"name": "48694",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/48694"
},
{
"name": "26386",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26386"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00291.html"
},
{
"name": "[or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to 0.1.2.18",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Oct-2007/msg00296.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=551544\u0026group_id=159836"
},
{
"name": "tork-privoxy-security-bypass(42280)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42280"
},
{
"name": "48694",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/48694"
},
{
"name": "26386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26386"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6723",
"datePublished": "2009-03-31T17:00:00.000Z",
"dateReserved": "2009-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:18:20.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}