• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Oops! Proxy Server Auth Remote Format String Vulnerability

Oops! Proxy Server is prone to a remote format string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input prior to passing it as the format specifier to a formatted printing function.

A successful attack may result in crashing the server or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context the server.

Oops! versions prior to and including version 1.5.53 are reported prone to this issue.