CVE-2005-1121

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.

Date published : 2005-04-16

http://www.securityfocus.com/bid/13172

http://www.debian.org/security/2005/dsa-726