WinProxy < 6.1r1c HTTP CONNECT Request Remote Overflow
High Nessus Plugin ID 24277
SynopsisThe remote HTTP proxy is affected by a buffer overflow vulnerability.
DescriptionThe remote host is running WinProxy, a proxy server for Windows.
The version of WinProxy installed on the remote host reportedly contains a design issue that may result in a buffer overflow vulnerability. Using a specially crafted HTTP CONNECT request, a remote attacker may be able to leverage this issue to execute arbitrary code on the affected host subject to the privileges under which the service runs.
SolutionUpgrade to WinProxy version 6.1r1c or later as it is rumored to address the issue.