Vulnerabilities > CVE-2005-1121 - Remote Format String vulnerability in Oops! Proxy Server Auth
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
OS | 1 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-726.NASL description A format string vulnerability has been discovered in the MySQL/PgSQL authentication module of Oops, a caching HTTP proxy server written for performance. last seen 2020-06-01 modified 2020-06-02 plugin id 18513 published 2005-06-17 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18513 title Debian DSA-726-1 : oops - format string vulnerability code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-726. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(18513); script_version("1.17"); script_cvs_date("Date: 2019/08/02 13:32:18"); script_cve_id("CVE-2005-1121"); script_xref(name:"DSA", value:"726"); script_name(english:"Debian DSA-726-1 : oops - format string vulnerability"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "A format string vulnerability has been discovered in the MySQL/PgSQL authentication module of Oops, a caching HTTP proxy server written for performance." ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=307360" ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2005/dsa-726" ); script_set_attribute( attribute:"solution", value: "Upgrade the oops package. For the stable distribution (woody) this problem has been fixed in version 1.5.19.cvs.20010818-0.1woody1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:oops"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0"); script_set_attribute(attribute:"patch_publication_date", value:"2005/05/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/06/17"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/04/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.0", prefix:"oops", reference:"1.5.19.cvs.20010818-0.1woody1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200505-02.NASL description The remote host is affected by the vulnerability described in GLSA-200505-02 (Oops!: Remote code execution) A format string flaw has been detected in the my_xlog() function of the Oops! proxy, which is called by the passwd_mysql and passwd_pgsql module last seen 2020-06-01 modified 2020-06-02 plugin id 18228 published 2005-05-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/18228 title GLSA-200505-02 : Oops!: Remote code execution NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_1033750FCAB411D99AED000E0C2E438A.NASL description A RST/GHC Advisory reports that there is an format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Succesful exploitation may allow execution of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 18843 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18843 title FreeBSD : oops -- format string vulnerability (1033750f-cab4-11d9-9aed-000e0c2e438a)