Snoopy '_httpsrequest()' Arbitrary Command Execution Vulnerability

Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input.

An attacker may exploit this issue to execute arbitrary commands in the context of the vulnerable webserver.

This issue may be related to BID 15213 (Snoopy Arbitrary Command Execution Vulnerability), but this has not been confirmed.

Versions prior to Snoopy 1.2.4 are affected. Additional applications that use the Snoopy library may also be vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus