NetProxy Security Restriction Bypass Vulnerability
BID:22741
Info
NetProxy Security Restriction Bypass Vulnerability
| Bugtraq ID: | 22741 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-1225 CVE-2007-1224 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 27 2007 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | Craig Heffner reported this vulnerability. |
| Vulnerable: |
NetProxy NetProxy 4.03 |
| Not Vulnerable: | |
Discussion
NetProxy Security Restriction Bypass Vulnerability
NetProxy is prone to a security-restriction-bypass vulnerability because the software fails to properly sanitize user-supplied input.
Attackers can exploit this issue to bypass the security restrictions and gain unauthorized access to restricted sites. This may allow attackers to bypass the security restrictions enforced by the application.
NetProxy version 4.03 is vulnerable; other versions may also be affected.
NetProxy is prone to a security-restriction-bypass vulnerability because the software fails to properly sanitize user-supplied input.
Attackers can exploit this issue to bypass the security restrictions and gain unauthorized access to restricted sites. This may allow attackers to bypass the security restrictions enforced by the application.
NetProxy version 4.03 is vulnerable; other versions may also be affected.
Exploit / POC
NetProxy Security Restriction Bypass Vulnerability
Attackers may trigger this issue via a browser.
A sample exploit has been provided:
Attackers may trigger this issue via a browser.
A sample exploit has been provided:
Solution / Fix
NetProxy Security Restriction Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].