3proxy 0.5.3g (Linux) - 'proxy.c logurl()' Remote Buffer Overflow

/ 3proxyv0.5.3g: linux remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy.c -o x3proxy syntax: ./x3proxy -pscr+ -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server previously known as 3APA3A tiny freeware proxy. I just saw a...

GLSA-200704-17 : 3proxy: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200704-17 3proxy: Buffer overflow The 3proxy development team reported a buffer overflow in the logurl function when processing overly long requests. Impact : A remote attacker could send a specially crafted transparent request to...

3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (win32)

No description provided by source. / 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server...

3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow

/ 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server previously known as 3APA3A tiny...

3proxy 0.5.3g (Windows x86) - proxy.c logurl() Remote Buffer Overflow

3proxy 0.5.3g Windows x86 - proxy.c logurl Remote Buffer Overflow / 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/...

3proxy 0.5.3g proxy.c logurl() Remote Buffer Overflow Exploit (linux)

Exploit for linux platform in category remote exploits ===================================================================== 3proxy 0.5.3g proxy.c logurl Remote Buffer Overflow Exploit linux ===================================================================== / 3proxyv0.5.3g: linux remote buffer...

3proxy HTTP代理请求缓冲区溢出漏洞

3Proxy是一款小型的代理软件。 3proxy的logurl函数在处理超长请求时存在缓冲区溢出，如果攻击者向代理发送了特制的透明请求的话，就可以触发这个漏洞，导致以3proxy权限执行任意代码。 3Proxy 3proxy 0.6b - devel 20070413 3Proxy 3proxy 0.5 - 0.5.3g Gentoo ------ Gentoo已经为此发布了一个安全公告（GLSA-200704-17）以及相应补丁: GLSA-200704-17：3proxy: Buffer overflow...

3proxy: Buffer overflow

Background 3proxy is a multi-protocol proxy, including HTTP/HTTPS/FTP and SOCKS support. Description The 3proxy development team reported a buffer overflow in the logurl function when processing overly long requests. Impact A remote attacker could send a specially crafted transparent request to t...

3proxy HTTP Proxy请求远程缓冲区溢出漏洞

3Proxy是一款小型的代理软件。 3Proxy处理HTTP代理请求存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 3proxy 3proxy 0.6b devel 20061014 3proxy 3proxy 0.5.3g 3proxy 3proxy 0.5 升级到最新程序： http://3proxy.ru/0.5.3h/Changelog.txt...

Buffer overflow

Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests...

CVE-2007-2031

Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests...

CVE-2007-2031

Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests...

CVE-2007-2031

The CVE-2007-2031 issue affects the 3proxy HTTP proxy. The connected sources confirm a buffer/stack overflow in 3proxy’s HTTP proxy handling, specifically in the logurl() function as part of processing overly long requests. Affected versions include 3proxy 0.5 through 0.5.3g and 0.6b-devel prior ...

CVE-2006-6981

3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a denial of service blocked account via unspecified vectors related to NTLM authentication, which causes a password hash to be overwritten...

CVE-2006-6982

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials...

CVE-2006-6981

CVE-2006-6981 affects 3proxy versions 0.5 to 0.5.2. The issue arises when NT-encoded passwords are used and NTLM authentication is involved, allowing remote attackers to cause a denial of service by overwriting a password hash, resulting in a blocked account. The vulnerability is documented with ...

CVE-2006-6982

CVE-2006-6982 affects 3proxy versions 0.5 to 0.5.2. The issue is that NTLM authentication is not offered before basic authentication, which may cause browsers with incomplete RFC2616/RFC2617 support to fall back to basic cleartext credentials even when NTLM is available, potentially enabling cred...

CVE-2006-6982

3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials...

CVE-2006-6981

3proxy 0.5 to 0.5.2, when NT-encoded passwords are being used, allows remote attackers to cause a denial of service blocked account via unspecified vectors related to NTLM authentication, which causes a password hash to be overwritten...

3proxy user account locking

It's possible to lock user's account if user's password is stored as NT-hash via HTTP proxy. Service restart or configuration reload is required to restore account in working state. In addition, Basic authentication is offered as first authentication protocol, it can lead to shoosing weak clearte...