CVE-2007-6459
Summary
| CVE | CVE-2007-6459 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-12-20 00:46:00 UTC |
| Updated | 2018-10-15 21:54:00 UTC |
| Description | Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460. |
Risk And Classification
Problem Types: CWE-94
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Anon Proxy Server | Anon Proxy Server | 0.100 | All | All | All |
| Application | Anon Proxy Server | Anon Proxy Server | 0.100 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityReason - Anon Proxy Server - Remote Code Execution | SREASON | securityreason.com | |
| Anon Proxy Server 0.1000 Remote Command Execution Vulnerability | EXPLOIT-DB | www.exploit-db.com | |
| 43712 | OSVDB | osvdb.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| 43711 | OSVDB | osvdb.org | |
| Anon Proxy Server Remote Shell Command Execution Vulnerabilities | BID | www.securityfocus.com | Exploit |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.