Lucene search

[email protected]CVE-2008-0633

HistoryFeb 06, 2008 - 9:00 p.m.

CVE-2008-0633

2008-02-0621:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0633

buffer overflow

anon proxy server

denial of service

user authentication

nvd

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON

Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.

Affected configurations

NVD

Node

anon_proxy_serveranon_proxy_serverRange≤0.102

CPENameOperatorVersion
anon_proxy_server:anon_proxy_serveranon proxy serverle0.102

CPE	Name	Operator	Version
anon_proxy_server:anon_proxy_server	anon proxy server	le	0.102

References

securityreason.com/securityalert/3618

www.securityfocus.com/archive/1/487446/100/0/threaded

www.securityfocus.com/bid/27593

sourceforge.net/project/shownotes.php?group_id=138780&release_id=571924

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON

Related for CVE-2008-0633

prion1 nvd1 cvelist1