Bugtraq mailing list archives
Re: socks5 1.0r5 buffer overflow..
From: jimd () STARSHINE ORG (Jim Dennis)
Date: Mon, 13 Jul 1998 02:30:57 -0700
We on the LSAT have also been poking around code that people are likely to be running on linux boxen. At work I was asked to install socks5 on our gateway boxes and thought it would be a good idea to make sure it was ship shape. I was quite impressed with the careful coding, till I ran across this one foul up in lib/log.c:
Has anyone on this list looked at the DeleGate code? (it provides SOCKS compatible proxying which is also accessible by non-SOCKS clients in a way that is similar to the user-driven TIS FWTK proxies). The URL for DeleGate is: http://wall.etl.go.jp/delegate/ ... and it seems to be under a much less restrictive license (BSD'ish? GPL?) than NEC SOCKS. So far I've shied way from NEC SOCKS since I don't understand their license. My concern about DeleGate is whether that no one ever talks about it --- so I don't know if the code has received sufficient scrutiny. Maybe if LSA looked it over, RH and/or Debian could adopt this as a default applications proxy for their distributions. I think we still need one since IP masquerading still doesn't seem to do as well on FTP as I'd like. -- Jim Dennis (800) 938-4078 consulting () starshine org Proprietor, Starshine Technical Services: http://www.starshine.org
Current thread:
- Re: socks5 1.0r5 buffer overflow.. Jim Dennis (Jul 13)