WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)

This script is Copyright (C) 2006-2011 Tenable Network Security, Inc.


Synopsis :

The remote proxy is affected by multiple vulnerabilities.

Description :

The remote host is running WinProxy, a proxy server for Windows.

According to the Windows registry, the installed version of WinProxy
suffers from denial of service and buffer overflow vulnerabilities in
its telnet and web proxy servers. An attacker may be able to exploit
these issues to crash the proxy or even execute arbitrary code on the
affected host.

See also :

http://www.nessus.org/u?40f07cd6
http://www.nessus.org/u?3a6c81a5
http://www.nessus.org/u?79b3006b
http://www.nessus.org/u?8c88612f

Solution :

Upgrade to WinProxy version 6.1a or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 20393 ()

Bugtraq ID: 16147
16148
16149

CVE ID: CVE-2005-3187
CVE-2005-3654
CVE-2005-4085