Buffer Overrun in AnalogX Proxy Server for Windows

A vulnerability in AnalogX Proxy 4.13 and earlier can result in the execution of arbitrary code on the vulnerable system.

Ken Pfeil

May 28, 2003


Reported May 26, 2003, by K.K. Mookhey.

VERSIONS AFFECTED

· AnalogX 4.13 and earlier

DESCRIPTION

A vulnerability in AnalogX Proxy 4.13 and earlier can result in the execution of arbitrary code on the vulnerable system. This vulnerability stems from a buffer-overflow condition. If a malicious user connects to the vulnerable host on TCP port 6588 and supplies a URL longer than 340 characters, a buffer overrun is triggered on the vulnerable system. By supplying a specially crafted URL, an attacker can execute arbitrary code on the vulnerable system.
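
For hosts that cannot be upgraded right away, the condition described above can be watched for on the wire. The following is an added example, not code from the advisory or from AnalogX: it flags requests sent to TCP port 6588 whose URL is longer than 340 characters. The flow tuple layout, the function names and the sample flows are assumptions made for illustration.

```python
# Added example: flag proxy requests whose URL exceeds the advisory's length.
from typing import Iterable, NamedTuple, Optional

PROXY_PORT = 6588  # TCP port named in the advisory
URL_LIMIT = 340    # URL length named in the advisory


class Finding(NamedTuple):
    src: str
    method: str
    url_len: int


def request_target(payload: bytes) -> Optional[tuple]:
    """Return (method, url) from the first line of an HTTP request, or None."""
    # An over-long request may be captured without its line ending, so the
    # whole payload is treated as the request line when no CRLF/LF is present.
    line = payload.split(b"\r\n", 1)[0].split(b"\n", 1)[0]
    parts = line.split(b" ")
    if len(parts) < 2 or not parts[0].isalpha():
        return None  # not an HTTP request line
    return parts[0].decode("ascii"), parts[1]


def oversized_urls(flows: Iterable[tuple]) -> list:
    """flows: (src_ip, dst_port, first client payload bytes) tuples (assumed layout)."""
    findings = []
    for src, dport, payload in flows:
        if dport != PROXY_PORT:
            continue
        parsed = request_target(payload)
        if parsed and len(parsed[1]) > URL_LIMIT:
            findings.append(Finding(src, parsed[0], len(parsed[1])))
    return findings


# Constructed sample flows (documentation addresses, not real traffic).
SAMPLE_FLOWS = [
    ("192.0.2.10", 6588, b"GET http://example.com/index.html HTTP/1.0\r\n\r\n"),
    ("192.0.2.66", 6588, b"GET http://example.com/" + b"a" * 400 + b" HTTP/1.0\r\n\r\n"),
    ("192.0.2.67", 6588, b"GET http://example.com/" + b"b" * 500),  # truncated capture
    ("192.0.2.10", 8080, b"GET http://example.com/" + b"c" * 400 + b" HTTP/1.0\r\n\r\n"),
]

if __name__ == "__main__":
    for f in oversized_urls(SAMPLE_FLOWS):
        print(f"{f.src} {f.method} url_len={f.url_len} (> {URL_LIMIT})")
```

A URL of exactly 340 characters is not flagged, matching the advisory's "greater than 340" wording.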

VENDOR RESPONSE

AnalogX has released version 4.14, which isn't vulnerable to this condition.

CREDIT

Discovered by K. K. Mookhey.
