Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6723


Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6723
Last Modified 31 Mar 2009 12:00:00
Published 31 Mar 2009 01:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration.

Vulnerable Systems


  • Anonymityanywhere Tork 0.22


XF - tork-privoxy-security-bypass(42280)

BID - 26386

OSVDB - 48694


MLIST - [or-talk] 20071031 Re: Insecure Privoxy Configuration in Vidalia Bundles Prior to

MLIST - [or-talk] 20071031 Insecure Privoxy Configuration in Vidalia Bundles Prior to

Last Updated: 27 May 2016 10:46:36