New User? Click here to register! Feel free to read this for beginners help.

Computer Cops
image image image image image image image image
Prime Choice
· Head Lines
· Dnld of the Week!
· Find a Cure!
· Ian T's (Article 12)
· Marcia's (Op9)
· Paul's (Article 3)
· Ian T's Archive
· Marcia's Archive
· Paul's Archive
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Security Central
· Home
· Wireless
· Bookmarks
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· Recommend Us
· RegChat
· Reviews
· Search
· Sections
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
Donations
image
Search

image
Survey
Which Anti-Virus product do you use?
Computer Associates
Eset (NOD32)
F-Secure
Frisk (F-Prot)
Grisoft (AVG)
Kaspersky
Network Associates (McAfee)
Panda
Sophos
Symantec (NAV)
Trend Micro
Other



Results
Polls

Votes: 9004
Comments: 83
image
Translate
English German French
Italian Portuguese Spanish
image
Hosted By
Computer Cops is a satisfied customer of [ JaguarPC ]
image
image proxo: Vulnerabilities: Proxomitron Long Path Buffer Overflow/DoS image
Proxomitron

February 19, 2003 10:55 PM EST
By

Just was browsing the Proxomitron User List at Yahoo when I came across this message by Scott R. Lemmon the author of The Proxomitron - Univeral Web Filter.

The exploit as follows:
Sending a parameter with a buffer of 1024 bytes in length or more, causes Proxomitron Naoko to crash.

This vulnerability can be easily exploited to execute code.



This was discovered and reported by Grégory Le Bras over at Security-Corp. Details of the vulnerablilty can be found at Security-Corps advisories. Scott was alerted by Grégory Le Bras that users running under a restricted environment of some type (like a public terminal) might be able to use it to bypass those restrictions if Proxomitron was already installed and could run it with a command line. Scott further advised that anyone who runs a computer with Proxomitron installed and allows any type of shell access to untrusted users might want to make sure they're restricted from running it. That information can be found at message #14704 at Proxomitron User List.
Resources:
Message #14703 -prox-list

SCSA-005.txt [Proxomitron Naoko Long Path Buffer Overflow/DoS ] [February 19th 2003]
Posted on Wednesday, 19 February 2003 @ 22:55:00 EST by cj
image

 
Login
Nickname

Password
· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· HotScripts
· W3 Consortium
· Proxomitron
· Proxomitron Forum
· ZXList Forum
· Download Proxomitron
· More about Proxomitron
· News by cj
Most read story about Proxomitron:
Proxomitron - The end of an Epoch

image
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent

image
Options

Printer Friendly Page  Printer Friendly Page

Send to a Friend  Send to a Friend
image
"Login" | Login/Create an Account | 0 comments
Threshold
  
The comments are owned by the poster. We aren't responsible for their content.
Home · Topics · Submit News · Top 10
This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved.
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Acceptable Use Policy. Use signifies your agreement.
Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member.
Paul Laudanski, Member of Computer Cops, LLC
Server Load: 398 pages served in previous 5 minutes. Page Generation: 0.532 seconds.