CCProxy < 6.62 HTTP Proxy CONNECT Request Handling Remote Overflow

Critical Nessus Plugin ID 34489


The remote proxy server is affected by a buffer overflow vulnerability.


The remote host is running CCProxy, a proxy server from Youngzsoft.

The installed version is affected by a buffer overflow vulnerability. By sending a 'CONNECT' command along with large amounts of data, it may be possible to crash the application or to execute arbitrary code on the remote system.


Upgrade to CCProxy 6.62 or later.

See Also

Plugin Details

Severity: Critical

ID: 34489

File Name: ccproxy_6_62.nasl

Version: $Revision: 1.10 $

Type: remote

Family: Web Servers

Published: 2008/10/24

Modified: 2015/09/24

Dependencies: 34473

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Reference Information

CVE: CVE-2008-6415

BID: 31416

OSVDB: 48528

Secunia: 31997

CWE: 119