Vulnerabilities > CVE-2007-0838 - Denial of Service vulnerability in Freeproxy 3.92
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
FreeProxy before 3.92 Build 1626 allows malicious users to cause a denial of service (infinite loop) via a HOST: header with a hostname and port number that refers to the server itself. <a href="http://cwe.mitre.org/data/definitions/835.html">CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://marc.info/?l=bugtraq&m=117086856902907&w=2
- http://marc.info/?l=full-disclosure&m=117085666921871&w=2
- http://osvdb.org/33116
- http://secunia.com/advisories/24064
- http://www.handcraftedsoftware.org/index.php?page=3&mode=article&k=60
- http://www.securityfocus.com/bid/22445
- http://www.vupen.com/english/advisories/2007/0514
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32303