Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
5 vulnerabilities by snoopy
CVE-2014-5008 (GCVE-0-2014-5008)
Vulnerability from cvelistv5 – Published: 2017-03-31 15:00 – Updated: 2024-08-06 11:34
VLAI
Summary
Snoopy allows remote attackers to execute arbitrary commands.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/68419 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2014/07/18/2 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2015/dsa-3248 | vendor-advisoryx_refsource_DEBIAN |
| http://www.openwall.com/lists/oss-security/2014/0… | mailing-listx_refsource_MLIST |
| https://www-01.ibm.com/support/docview.wss?uid=is… | x_refsource_MISC |
| http://rhn.redhat.com/errata/RHSA-2017-0212.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2017-0213.html | vendor-advisoryx_refsource_REDHAT |
| http://www.openwall.com/lists/oss-security/2016/12/21/8 | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1121497 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2017-0214.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2017-0211.html | vendor-advisoryx_refsource_REDHAT |
| http://snoopy.cvs.sourceforge.net/viewvc/snoopy/S… | x_refsource_CONFIRM |
Date Public
2014-07-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68419",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68419"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "DSA-3248",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3248"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "RHSA-2017:0213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "[oss-security] 20161221 Re: Nagios Core \u003c 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/21/8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "RHSA-2017:0214",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Snoopy allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-31T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "68419",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68419"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "DSA-3248",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3248"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "RHSA-2017:0213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "[oss-security] 20161221 Re: Nagios Core \u003c 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/21/8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "RHSA-2017:0214",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Snoopy allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68419",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68419"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "DSA-3248",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3248"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264",
"refsource": "MISC",
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0212",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "RHSA-2017:0213",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "[oss-security] 20161221 Re: Nagios Core \u003c 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/21/8"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "RHSA-2017:0214",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"name": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28",
"refsource": "CONFIRM",
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5008",
"datePublished": "2017-03-31T15:00:00.000Z",
"dateReserved": "2014-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:34:37.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7313 (GCVE-0-2008-7313)
Vulnerability from cvelistv5 – Published: 2017-03-31 15:00 – Updated: 2024-08-07 12:03
VLAI
Summary
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2008-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/09/11"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "68776",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68776"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"name": "snoopy-cve20087313-command-exec(94737)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94737"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "RHSA-2017:0211",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"name": "RHSA-2017:0212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "GLSA-201702-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-26"
},
{
"name": "RHSA-2017:0214",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0214.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-31T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/09/11"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "68776",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68776"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"name": "snoopy-cve20087313-command-exec(94737)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94737"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "RHSA-2017:0211",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"name": "RHSA-2017:0212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "GLSA-201702-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-26"
},
{
"name": "RHSA-2017:0214",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2017-0214.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7313",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/09/11"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "68776",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68776"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"name": "snoopy-cve20087313-command-exec(94737)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94737"
},
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264",
"refsource": "MISC",
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0213",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "RHSA-2017:0211",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"name": "RHSA-2017:0212",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27",
"refsource": "CONFIRM",
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.27"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "GLSA-201702-26",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-26"
},
{
"name": "RHSA-2017:0214",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2017-0214.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7313",
"datePublished": "2017-03-31T15:00:00.000Z",
"dateReserved": "2014-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:03:37.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5009 (GCVE-0-2014-5009)
Vulnerability from cvelistv5 – Published: 2017-03-31 15:00 – Updated: 2024-08-06 11:34
VLAI
Summary
Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2014-07-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/09/11"
},
{
"name": "68783",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68783"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?r1=1.28\u0026r2=1.29"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "RHSA-2017:0213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706"
},
{
"name": "snoopy-cve20145009-command-exec(94738)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94738"
},
{
"name": "RHSA-2017:0214",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/09/11"
},
{
"name": "68783",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68783"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?r1=1.28\u0026r2=1.29"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "RHSA-2017:0213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706"
},
{
"name": "snoopy-cve20145009-command-exec(94738)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94738"
},
{
"name": "RHSA-2017:0214",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140709 CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/09/11"
},
{
"name": "68783",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68783"
},
{
"name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"name": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?r1=1.28\u0026r2=1.29",
"refsource": "CONFIRM",
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?r1=1.28\u0026r2=1.29"
},
{
"name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
},
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264",
"refsource": "MISC",
"url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
},
{
"name": "RHSA-2017:0212",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
},
{
"name": "RHSA-2017:0213",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706",
"refsource": "MISC",
"url": "https://github.com/cogdog/feed2js/pull/12#issuecomment-48283706"
},
{
"name": "snoopy-cve20145009-command-exec(94738)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94738"
},
{
"name": "RHSA-2017:0214",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-5009",
"datePublished": "2017-03-31T15:00:00.000Z",
"dateReserved": "2014-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:34:37.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0502 (GCVE-0-2009-0502)
Vulnerability from cvelistv5 – Published: 2009-02-10 02:00 – Updated: 2024-08-07 04:40
VLAI
Summary
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the "Login as" feature is used to visit a MyMoodle or Blog page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://moodle.org/security/ | x_refsource_CONFIRM |
| http://secunia.com/advisories/34418 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/33955 | third-party-advisoryx_refsource_SECUNIA |
| http://www.debian.org/security/2009/dsa-1724 | vendor-advisoryx_refsource_DEBIAN |
| http://www.openwall.com/lists/oss-security/2009/02/04/1 | mailing-listx_refsource_MLIST |
Date Public
2009-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:03.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2009:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://moodle.org/security/"
},
{
"name": "34418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34418"
},
{
"name": "33955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33955"
},
{
"name": "DSA-1724",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1724"
},
{
"name": "[oss-security] 20090204 CVS request - Moodle",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/04/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the \"Login as\" feature is used to visit a MyMoodle or Blog page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-01T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SR:2009:007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://moodle.org/security/"
},
{
"name": "34418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34418"
},
{
"name": "33955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33955"
},
{
"name": "DSA-1724",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1724"
},
{
"name": "[oss-security] 20090204 CVS request - Moodle",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/02/04/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the \"Login as\" feature is used to visit a MyMoodle or Blog page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2009:007",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
},
{
"name": "http://moodle.org/security/",
"refsource": "CONFIRM",
"url": "http://moodle.org/security/"
},
{
"name": "34418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34418"
},
{
"name": "33955",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33955"
},
{
"name": "DSA-1724",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1724"
},
{
"name": "[oss-security] 20090204 CVS request - Moodle",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/02/04/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0502",
"datePublished": "2009-02-10T02:00:00.000Z",
"dateReserved": "2009-02-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:40:03.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3330 (GCVE-0-2005-3330)
Vulnerability from cvelistv5 – Published: 2005-10-27 04:00 – Updated: 2024-08-07 23:10
VLAI
Summary
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
Date Public
2005-10-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:08.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "snoopy-httpsrequest-command-injection(22874)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22874"
},
{
"name": "17887",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17887"
},
{
"name": "20051025 SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113028858316430\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG"
},
{
"name": "17455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17455"
},
{
"name": "20316",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20316"
},
{
"name": "117",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/117"
},
{
"name": "15213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15213"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=375385"
},
{
"name": "1015104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015104"
},
{
"name": "20051027 Re: [Full-disclosure] SEC-Consult SA 20051025-0 :: Snoopy Remote",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113062897231412\u0026w=2"
},
{
"name": "ADV-2005-2727",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2727"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=368750"
},
{
"name": "ADV-2005-2335",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2335"
},
{
"name": "17330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17330"
},
{
"name": "17779",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17779"
},
{
"name": "ADV-2005-2202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2202"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "snoopy-httpsrequest-command-injection(22874)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22874"
},
{
"name": "17887",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17887"
},
{
"name": "20051025 SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113028858316430\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG"
},
{
"name": "17455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17455"
},
{
"name": "20316",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20316"
},
{
"name": "117",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/117"
},
{
"name": "15213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15213"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=375385"
},
{
"name": "1015104",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015104"
},
{
"name": "20051027 Re: [Full-disclosure] SEC-Consult SA 20051025-0 :: Snoopy Remote",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113062897231412\u0026w=2"
},
{
"name": "ADV-2005-2727",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2727"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=368750"
},
{
"name": "ADV-2005-2335",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2335"
},
{
"name": "17330",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17330"
},
{
"name": "17779",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17779"
},
{
"name": "ADV-2005-2202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2202"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "snoopy-httpsrequest-command-injection(22874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22874"
},
{
"name": "17887",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17887"
},
{
"name": "20051025 SEC-Consult SA 20051025-0 :: Snoopy Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113028858316430\u0026w=2"
},
{
"name": "https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG",
"refsource": "CONFIRM",
"url": "https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG"
},
{
"name": "17455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17455"
},
{
"name": "20316",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20316"
},
{
"name": "117",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/117"
},
{
"name": "15213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15213"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=375385",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=375385"
},
{
"name": "1015104",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015104"
},
{
"name": "20051027 Re: [Full-disclosure] SEC-Consult SA 20051025-0 :: Snoopy Remote",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113062897231412\u0026w=2"
},
{
"name": "ADV-2005-2727",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2727"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=368750",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=368750"
},
{
"name": "ADV-2005-2335",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2335"
},
{
"name": "17330",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17330"
},
{
"name": "17779",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17779"
},
{
"name": "ADV-2005-2202",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2202"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3330",
"datePublished": "2005-10-27T04:00:00.000Z",
"dateReserved": "2005-10-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:10:08.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}