SecurityTracker.com
Category:  Application (Generic)  >  Proxy (AnalogX)
Vendors:  AnalogX
AnalogX Proxy URL Buffer Overflow Lets Remote Users Execute Arbitrary Code With Administrator Privileges
SecurityTracker Alert ID:  1006845
CVE Reference:  CAN-2003-0410
Updated:  Jan 21 2004
Original Entry Date:  May 26 2003
Impact:  Execution of arbitrary code via network, Root access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Advisory:  Network Intelligence India
Version(s): 4.13
Description:  A buffer overflow vulnerability was reported in the AnalogX Proxy. A remote user can execute arbitrary code on the target system.

Network Intelligence India reported that a remote user can supply a URL that contains more than 340 characters to trigger a buffer overflow in the Proxy.

According to the report, the Proxy accepts connections on all interfaces in the default configuration. A remote user can reportedly connect to port 6588 and supply a specially crafted URL to cause arbitrary code to be executed on the Proxy server. The code will run with the privileges of the Proxy, reported to be 'Administrator' privileges in most cases.

Impact:  A remote user can execute arbitrary code on the server running the AnalogX Proxy. The code will run with the privileges of the Proxy (typically Administrator privileges).
Solution:  The vendor has issued a fixed version (4.14), available at:

http://www.analogx.com/contents/download/network/proxy.htm
http://www.analogx.com/files/proxyi.exe

Vendor URL:  www.analogx.com/contents/download/network/proxy.htm
Cause:  Boundary error
Underlying OS:  Windows (Any)
Reported By:  "K. K. Mookhey" <cto@nii.co.in>
Message History:   None.


 Source Message Contents

Date:  Mon, 26 May 2003 19:41:38 +0530
From:  "K. K. Mookhey" <cto@nii.co.in>
Subject:  [Full-Disclosure] NII Advisory - Buffer Overflow in Analogx Proxy

 

===============================================
Buffer Overflow In Analogx Proxy 4.13
Vendor: Analogx 
Versions affected: Proxy 4.13 
Date: 26th May 2003 
Type of Vulnerability: Remotely Exploitable Buffer Overflow 
Severity: High 
By: Network Intelligence India www.nii.co.in
===============================================


I. BACKGROUND 
"AnalogX Proxy is a small and simple server that allows any other machine on your local network to route its requests through a central machine. It supports HTTP (web), HTTPS (secure web), POP3 (receive mail), SMTP (send mail), NNTP (newsgroups), FTP (file transfer), and Socks4/4a and partial Socks5 (no UDP) protocols. It works with Internet Explorer, Netscape, AOL, AOL Instant Messenger, Microsoft Messenger, and many more."

When the AnalogX Proxy is supplied with a URL greater than 340 characters it crashes with a buffer overflow. A specially crafted URL allows remote execution of arbitrary code.

II. DESCRIPTION
The buffer overflow occurs when a user supplies a URL of length greater than 340 characters. In its default configuration the proxy listens on all interfaces for proxy requests. In such a configuration, anyone may cause the buffer overflow attack over the Internet by connecting to TCP 6588 port and supplying an overly long URL. With a specially crafted URL, it may be possible to manipulate the stack and execute code of the attacker's choice. This code would naturally be executed with the privileges with which AnalogX is running. In most cases, these are Administrator privileges. The software strongly urges the user to bind it to the internal private IP. This would leave it vulnerable only to attacks from local users.

III. VENDOR RESPONSE
The vendor responded quickly and patched up the software. The updated version is available at http://www.analogx.com/contents/download/network/proxy.htm
The updated version number is 4.14

IV. About NII
Network Intelligence India develops host-based security auditing software called the AuditPro suite. Further details are available at http://www.nii.co.in/products.html
Our latest product is one of the most comprehensive security auditing products for MS SQL Servers http://nii.co.in/software/apsql.html
We also provide Penetration Testing, Software Security Testing and other Security Services http://www.nii.co.in/services.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
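
The advisory attributes the flaw to a boundary error on URLs longer than 340 characters. As an added illustration (not AnalogX's code and not part of the advisory), the C routine below shows the length check a proxy's request-line parser needs before copying the URL into a fixed buffer. `URL_MAX`, the function name and the result codes are assumptions; 340 is the advisory's threshold, not the product's actual buffer size.

```c
#include <stddef.h>
#include <string.h>

/* Assumption: 340 is the threshold quoted in the advisory, used here as the
 * accepted maximum. The product's real buffer size is not published. */
#define URL_MAX 340

enum parse_result {
    PARSE_OK = 0,
    PARSE_MALFORMED = -1,
    PARSE_URL_TOO_LONG = -2   /* caller should answer 414 and close */
};

/* Extract the URL token from a proxy request line "METHOD URL VERSION\r\n".
 * The token length is measured and checked BEFORE anything is copied, so an
 * over-long URL is rejected instead of writing past the end of `out`.
 * `line` need not be NUL-terminated; `line_len` bounds every read. */
enum parse_result parse_request_url(const char *line, size_t line_len,
                                    char *out, size_t out_sz)
{
    if (line == NULL || out == NULL || out_sz == 0)
        return PARSE_MALFORMED;

    const char *sp = memchr(line, ' ', line_len);
    if (sp == NULL)
        return PARSE_MALFORMED;              /* no method/URL separator */

    const char *url = sp + 1;
    size_t rest = line_len - (size_t)(url - line);
    size_t n = 0;
    while (n < rest && url[n] != ' ' && url[n] != '\r' && url[n] != '\n')
        n++;                                 /* URL ends at SP, CR or LF */

    if (n == 0)
        return PARSE_MALFORMED;              /* empty URL */
    if (n > URL_MAX || n >= out_sz)
        return PARSE_URL_TOO_LONG;           /* reject, never truncate */

    memcpy(out, url, n);
    out[n] = '\0';
    return PARSE_OK;
}
```

Rejecting rather than truncating keeps the proxy from forwarding a URL the client did not send, and the same length test can be applied at a front-end filter for hosts still running 4.13.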


Copyright 2004, SecurityGlobal.net LLC