Oops! Proxy Server Auth Remote Format String Vulnerability
BID:13172
Info
| Bugtraq ID: | 13172 |
| Class: | Input Validation Error |
| CVE: | CVE-2005-1121 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 14 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | Discovery of this issue is credited to GHC team <[email protected]>. |
| Vulnerable: | Igor Khasilev Oops Proxy Server 1.5.53; Igor Khasilev Oops Proxy Server 1.5.19; Igor Khasilev Oops Proxy Server 1.4.22; Gentoo Linux |
| Not Vulnerable: | |
Discussion
Oops! Proxy Server is prone to a remote format string vulnerability. This issue presents itself because the application fails to properly sanitize user-supplied input prior to passing it as the format specifier to a formatted printing function.
A successful attack may result in crashing the server or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the server.
Oops! versions prior to and including version 1.5.53 are reported prone to this issue.
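The defect class described above, shown next to its fix, as an added example that is not code from Oops! or from the advisory. The helper `log_fmt` and the wrappers `log_auth_unsafe` and `log_auth_safe` are hypothetical names, and the input string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style log helper (not Oops! code): formats into out. */
int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int written = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return written;
}

/* VULNERABLE pattern: the client-supplied name is used as the format string,
 * so any conversion specifier in it is interpreted by the formatter. */
int log_auth_unsafe(char *out, size_t n, const char *user)
{
    return log_fmt(out, n, user);
}

/* FIXED pattern: constant format string; the name is only ever data. */
int log_auth_safe(char *out, size_t n, const char *user)
{
    return log_fmt(out, n, "auth failed for user '%s'", user);
}

int main(void)
{
    char buf[128];
    /* Constructed input. "%%" consumes no argument, so it shows the formatter
     * parsing the input without reading any variadic arguments. */
    const char *user = "a%%b";

    log_auth_unsafe(buf, sizeof buf, user);
    printf("unsafe: %s\n", buf);  /* input was interpreted: "%%" became "%" */
    log_auth_safe(buf, sizeof buf, user);
    printf("safe:   %s\n", buf);  /* input was logged byte for byte */
    return 0;
}
```

Declaring the helper with the GCC/Clang `format(printf, 3, 4)` attribute lets `-Wformat-security` flag the unsafe call at compile time.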
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Gentoo has released an advisory (GLSA 200505-02) and an updated eBuild to address this issue. Gentoo users may apply updates by issuing the following series of commands as a superuser:
emerge --sync
emerge --ask --oneshot --verbose ">=net-proxy/oops-1.5.24_pre20050503"
Debian has released advisory DSA 726-1 to address this issue. Please see the attached advisory for details on obtaining and applying fixes.
Igor Khasilev Oops Proxy Server 1.5.19
- Debian oops_1.5.19.cvs.20010818-0.1woody1_alpha.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_alpha.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_arm.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_arm.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_i386.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_i386.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_ia64.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_ia64.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_m68k.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_m68k.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_mips.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_mips.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_mipsel.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_mipsel.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_powerpc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_powerpc.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_s390.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_s390.deb
- Debian oops_1.5.19.cvs.20010818-0.1woody1_sparc.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/o/oops/oops_1.5.19.cvs.20010818-0.1woody1_sparc.deb
References
References:
- Oops! Proxy Server Homepage (Oops!)