3 results (0.001 seconds)

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL. • http://rst.void.ru/papers/advisory24.txt http://security.gentoo.org/glsa/glsa-200505-02.xml http://www.debian.org/security/2005/dsa-726 http://www.securityfocus.com/bid/13172 https://exchange.xforce.ibmcloud.com/vulnerabilities/20191 •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 4

Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters. • https://www.exploit-db.com/exploits/20496 https://www.exploit-db.com/exploits/20495 http://archives.neohapsis.com/archives/bugtraq/2000-12/0127.html http://archives.neohapsis.com/archives/freebsd/2000-12/0418.html http://www.securityfocus.com/bid/2099 https://exchange.xforce.ibmcloud.com/vulnerabilities/5725 •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 3

Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup. • https://www.exploit-db.com/exploits/228 http://archives.neohapsis.com/archives/bugtraq/2000-12/0158.html http://www.securityfocus.com/bid/2099 http://zipper.paco.net/~igor/oops/ChangeLog https://exchange.xforce.ibmcloud.com/vulnerabilities/6122 •