SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   PSOProxy Vendors:   psoproxy.sourceforge.net
PSOProxy Buffer Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1009154
SecurityTracker URL:  http://securitytracker.com/id/1009154
CVE Reference:   CVE-2004-0313   (Links to External Site)
Updated:  Mar 23 2004
Original Entry Date:  Feb 20 2004
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Version(s): 0.91
Description:   A buffer overflow vulnerability was reported in PSOProxy. A remote user may be able to execute arbitrary code on the target system.

Donato Ferrante reported that a remote user can send the following type of requests to the proxy to trigger the buffer overflow:

GET /aaaa[ 942 of a ]aaaa HTTP/1.1

GET aaaa[ 942 of a ]aaaa HTTP/1.1

aaaa[ 1035 of a ]aaaa

The vendor has reportedly been notified without response.

Impact:   A remote user may be able to cause the proxy to crash or execute arbitrary code.
Solution:   No solution was available at the time of this entry.
Vendor URL:  psoproxy.sourceforge.net/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Remote Buffer Overflow in PSOProxy 0.91


                           Donato Ferrante


Application:  PSOProxy
              http://psoproxy.sourceforge.net/

Version:      0.91

Bug:          Remote Buffer Overflow

Author:       Donato Ferrante
              e-mail: fdonato@autistici.org
              web:    www.autistici.org/fdonato



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1. Description
2. The bug
3. The code
4. The fix



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

----------------
1. Description:
----------------

Vendor's Description:

"PSOProxy is a web server application designed to work with the
Gamecube web browser. Its main purpose is to allow Phantasy Star Online
snapshot files to be copied to a PC and converted to a common image
file format."



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
2. The bug:
------------

The server is not able to manage big input strings. In fact it will
have a buffer overflow.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-------------
3. The code:
-------------

To test the vulnerability send to the server a string like:

GET /aaaa[ 942 of a ]aaaa HTTP/1.1

or:

GET aaaa[ 942 of a ]aaaa HTTP/1.1

or:

aaaa[ 1035 of a ]aaaa



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

------------
4. The fix:
------------

No fix.
The vendor has not answered to my signalations.



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC