TUCoPS :: Web :: General :: bt288.txt

Buffer Overflow in Analogx Proxy 


================================================
Buffer Overflow In Analogx Proxy 4.13
Vendor: Analogx=20
Versions affected: Proxy 4.13=20
Date: 26th May 2003=20
Type of Vulnerability: Remotely Exploitable Buffer Overflow=20
Severity: High=20
By: Network Intelligence India www.nii.co.in
================================================


I. BACKGROUND=20
"AnalogX Proxy is a small and simple server that allows any other
machine on your local network to route it's requests through a central
machine. It supports HTTP (web), HTTPS (secure web), POP3 (recieve
mail), SMTP (send mail), NNTP (newsgroups), FTP (file transfer), and
Socks4/4a and partial Socks5 (no UDP) protocols. It works with Internet
Explorer, Netscape, AOL, AOL Instant Messenger, Microsoft Messenger, and
many more. "

When the AnalogX Proxy is supplied with a URL greater than 340
characters it crashes with a buffer overflow. A specially crafted URL
allows remote execution of arbitrary code.


II. DESCRIPTION
The buffer overflow occurs when a user supplies a URL of length greater
than 340 characters. In its default configuration the proxy listens on
all interfaces for proxy requests. In such a configuration, anyone may
cause the buffer overflow attack over the Internet by connecting to TCP
6588 port and supplying an overly long URL. With a specially crafted
URL, it may be possible to manipulate the stack and execute code of the
attacker's choice. This code would naturally be executed with the
privileges with which AnalogX is running. In most cases, these are
Administrator privileges. The software strongly urges the user to bind
it to the internal private IP. This would leave it vulnerable only to
attacks from local users.=20


III. VENDOR RESPONSE
The vendor responded quickly and patched up the software. The updated
version is available at
http://www.analogx.com/contents/download/network/proxy.htm The updated
version number is 4.14


IV. About NII
Network Intelligence India develops host-based security auditing
software called the AuditPro suite. Further details are available at
http://www.nii.co.in/products.html Our latest product is one of the most
comprehensive security auditing products for MS SQL Servers
http://nii.co.in/software/apsql.html We also provide Penetration
Testing, Software Security Testing and other Security Services
http://www.nii.co.in/services.html

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH