SecurityTracker.com

Category:  Application (Generic)  >  SurfNOW
Vendors:  Loom Software Company
SurfNOW Proxy Service Can Be Denied By Remote Users
SecurityTracker Alert ID:  1008879
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Jan 28 2004
Impact:  Denial of service via network
Exploit Included:  Yes  
Version(s): 2.2
Description:  A vulnerability was reported in the SurfNOW proxy software. A remote user can cause the proxy to stop working properly.

Donato Ferrante reported that a remote user can send a specially crafted HTTP GET request to the target server to cause denial of service conditions on the proxy.

As a demonstration exploit, the following request can reportedly be sent several times (approximately seven times) to trigger the flaw:

GET \aaaaaaaaaaaaa[ 490 kb of a ]aaaa HTTP/1.1\n\n\n

Impact:  A remote user can cause denial of service conditions on the proxy.
Solution:  No solution was available at the time of this entry. According to the report, the vendor plans to issue a fix in the next product release.
Vendor URL:  www.loomsoft.com/
Cause:  Exception handling error, Input validation error
Underlying OS:  Windows (Any)
Reported By:  "Donato Ferrante" <fdonato@autistici.org>
Message History:   None.


 Source Message Contents

Date:  Wed, 28 Jan 2004 14:53:49 +0100
From:  "Donato Ferrante" <fdonato@autistici.org>
Subject:  Denial Of Service in SurfNOW 2.2

 

                           Donato Ferrante


Application:  SurfNOW
              http://www.loomsoft.com/

Version:      2.2

Bug:          Denial Of Service

Author:       Donato Ferrante
              e-mail: fdonato@autistici.org
              web:    www.autistici.org/fdonato



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"SurfNOW is a simple local HTTP Proxy Server (running on your computer)
without cache. SurfNOW protects your privacy while on the Internet as
well as speeds up your downloads, especially if you are trying to get
several files from overseas or from otherwise rather slow server.
It can also completely hide your IP address by dynamically connecting
to non-transparent anonymizing public proxy servers. You can also test
a list of proxy servers and sort them by connection speed and level
of anonymity."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The bug is in the HTTP header handling, so it is possible to send crafted
big strings to the server and it will not work correctly.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability, send the server a string like:

[1] "GET \aaaaaaaaaaaaa[ 490 kb of a ]aaaa HTTP/1.1\n\n\n"


For example, if you use netcat you can test the bug, using:

nc -v -v host 8080 < testFile.txt
( note: "testFile.txt" is a file of 490 Kb as [1] )

and repeating this, for example 7 times.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

The bug will be fixed in the next version of SurfNOW.
So go to Loomsoft's official website, http://www.loomsoft.com/
and check for the next version of SurfNOW.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
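
The following Python example is added here and is not SurfNOW's code or part of the original advisory. It shows the input validation and per-connection error handling that address the two causes listed above: a bounded request-line read that answers 414 instead of buffering an oversized line, with any parser fault confined to the one client. The 8192-byte cap, the function and class names, and the sample requests are assumptions.

```python
import io

MAX_REQUEST_LINE = 8192          # assumed cap in bytes, line terminator included
METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE", b"OPTIONS", b"CONNECT"}
VERSIONS = {b"HTTP/1.0", b"HTTP/1.1"}


class RequestRejected(Exception):
    """Carries the HTTP status the proxy should answer with."""
    def __init__(self, status, reason):
        super().__init__(f"{status} {reason}")
        self.status, self.reason = status, reason


def read_request_line(stream, limit=MAX_REQUEST_LINE):
    """Parse the request line while holding at most limit + 1 bytes in memory."""
    line = stream.readline(limit + 1)        # bounded read, never the whole line
    if len(line) > limit:
        raise RequestRejected(414, "URI Too Long")
    if not line.endswith(b"\n"):
        raise RequestRejected(400, "Bad Request")    # EOF before the line ended
    parts = line.rstrip(b"\r\n").split(b" ")
    if len(parts) != 3:
        raise RequestRejected(400, "Bad Request")
    method, target, version = parts
    if method not in METHODS or version not in VERSIONS:
        raise RequestRejected(400, "Bad Request")
    if not target or any(b < 0x21 or b > 0x7E for b in target):
        raise RequestRejected(400, "Bad Request")    # control or non-ASCII bytes
    return method, target, version


def handle_connection(stream):
    """Return the status for one client; a bad request ends that client only."""
    try:
        read_request_line(stream)
    except RequestRejected as exc:
        return exc.status        # caller sends the status and closes this socket
    except Exception:
        return 500               # unexpected parser fault stays per-connection
    return 200


if __name__ == "__main__":
    ok = io.BytesIO(b"GET http://example.test/ HTTP/1.1\r\n\r\n")   # constructed input
    big = io.BytesIO(b"GET \\" + b"a" * (490 * 1024) + b" HTTP/1.1\n\n\n")  # constructed, shaped like [1]
    print(handle_connection(big), handle_connection(ok))
```

With a real listener the same function can be given `sock.makefile("rb")`, so the cap applies before the request line is ever fully buffered.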

 



Copyright 2004, SecurityGlobal.net LLC