CVE-2002-1001

HIGH

Description

Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname.

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/0006.html

http://www.analogx.com/contents/download/network/proxy.htm

http://www.iss.net/security_center/static/9455.php

http://www.iss.net/security_center/static/9456.php

http://www.securityfocus.com/bid/5138

http://www.securityfocus.com/bid/5139

Details

Source: MITRE

Published: 2002-10-04

Updated: 2008-09-05

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
11126AnalogX Proxy SOCKS4a DNS Hostname Handling Remote OverflowNessusFirewalls
critical