Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

NII Advisory - Buffer Overflow in Analogx Proxy

From: "K. K. Mookhey" <cto () nii co in>
Date: Mon, 26 May 2003 19:41:38 +0530
===============================================
Buffer Overflow In Analogx Proxy 4.13
Vendor: Analogx 
Versions affected: Proxy 4.13 
Date: 26th May 2003 
Type of Vulnerability: Remotely Exploitable Buffer Overflow 
Severity: High 
By: Network Intelligence India www.nii.co.in
===============================================


I. BACKGROUND 
"AnalogX Proxy is a small and simple server that allows any other machine on your local network to route it's requests 
through a central machine. It supports HTTP (web), HTTPS (secure web), POP3 (recieve mail), SMTP (send mail), NNTP 
(newsgroups), FTP (file transfer), and Socks4/4a and partial Socks5 (no UDP) protocols. It works with Internet 
Explorer, Netscape, AOL, AOL Instant Messenger, Microsoft Messenger, and many more. "

When the AnalogX Proxy is supplied with a URL greater than 340 characters it crashes with a buffer overflow. A 
specially crafted URL allows remote execution of arbitrary code. 


II. DESCRIPTION 
The buffer overflow occurs when a user supplies a URL of length greater than 340 characters. 
In its default configuration the proxy listens on all interfaces for proxy requests. In such a configuration, anyone 
may cause the buffer overflow attack over the Internet by connecting to TCP 6588 port and supplying an overly long URL. 
With a specially crafted URL, it may be possible to manipulate the stack and execute code of the attacker's choice. 
This code would naturally be executed with the privileges with which AnalogX is running. In most cases, these are 
Administrator privileges. The software strongly urges the user to bind it to the internal private IP. This would leave 
it vulnerable only to attacks from local users. 


III. VENDOR RESPONSE
The vendor responded quickly and patched up the software. The updated version is available at 
http://www.analogx.com/contents/download/network/proxy.htm The updated version number is 4.14 


IV. About NII
Network Intelligence India develops host-based security auditing software called the AuditPro suite. Further details 
are available at http://www.nii.co.in/products.html Our latest product is one of the most comprehensive security 
auditing products for MS SQL Servers http://nii.co.in/software/apsql.html We also provide Penetration Testing, Software 
Security Testing and other Security Services http://www.nii.co.in/services.html
Previous By Date Next
Previous By Thread Next

Current thread: