This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor 3proxy First view 2007-02-08
Product 3proxy Last view 2019-08-01
Version 0.5.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:3proxy:3proxy

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2019-08-01 CVE-2019-14495

webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the admin interface.

5 2007-10-29 CVE-2007-5622

Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy.

10 2007-04-16 CVE-2007-2031

Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.

5 2007-02-08 CVE-2006-6982

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials.

5 2007-02-08 CVE-2006-6981

3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a denial of service (blocked account) via unspecified vectors related to NTLM authentication, which causes a password hash to be overwritten.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-787 Out-of-bounds Write
50% (1) CWE-399 Resource Management Errors

Open Source Vulnerability Database (OSVDB)

id Description
41870 3proxy FTP Proxy Module ftppr ftpprchild Function OPEN Command DoS
35242 3Proxy NTLM / Basic Authentication Order Weakness
35241 3Proxy NTLM Authentication Password Hash Overwrite Remote DoS
35237 3Proxy HTTP Proxy Crafted Transparent Request Remote Overflow

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200704-17 (3proxy)
File : nvt/glsa_200704_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200711-13 (3proxy)
File : nvt/glsa_200711_13.nasl

Nessus® Vulnerability Scanner

id Description
2008-02-14 Name: The remote proxy is affected by a buffer overflow vulnerability.
File: 3proxy_logurl_overflow.nasl - Type: ACT_DESTRUCTIVE_ATTACK
2007-11-09 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200711-13.nasl - Type: ACT_GATHER_INFO
2007-04-30 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200704-17.nasl - Type: ACT_GATHER_INFO