Lucene search

[email protected]CVE-2007-6723

HistoryMar 31, 2009 - 5:30 p.m.

CVE-2007-6723

2009-03-3117:30:00

CWE-16

[email protected]

web.nvd.nist.gov

cve-2007-6723

tork

privoxy

windows

mac os x

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

JSON

TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration.

Affected configurations

NVD

Node

anonymityanywheretorkMatch0.22

AND

applemac_os_x

microsoftwindows

CPENameOperatorVersion
anonymityanywhere:torkanonymityanywhere torkeq0.22

CPE	Name	Operator	Version
anonymityanywhere:tork	anonymityanywhere tork	eq	0.22

References

archives.seul.org/or/talk/Oct-2007/msg00291.html

archives.seul.org/or/talk/Oct-2007/msg00296.html

sourceforge.net/project/shownotes.php?release_id=551544&group_id=159836

www.osvdb.org/48694

www.securityfocus.com/bid/26386

exchange.xforce.ibmcloud.com/vulnerabilities/42280

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for CVE-2007-6723

cvelist1 nvd1 ubuntucve1 prion1