AOH :: HP Unsorted F :: C07-2252.HTM

FreeProxy medium level security hole
Medium level security hole in FreeProxy
Medium level security hole in FreeProxy

Content-Type: text/plain;
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

The FreeProxy HTTP proxy server suffers from a denial of service condition 
which causes the server to hang.  This occurs when an attacker makes a 
request for the hostname/portnumber combination in use by the server itself.  
The vendor was notified on the 10th January 2007 and a fix was made available 
on the 24th.  Full details can be found in the attached advisory.
Tim Brown

Content-Type: application/pgp-keys;
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;

Hash: SHA1

Nth Dimension Security Advisory (NDSA20070206)
Date: 6th February 2007
Author: Tim Brown  
URL:  /  
Product: FreeProxy 3.81/1511 (built 10-10-2004 @19:46:16)  
Vendor: Hand Crafted Software  
Risk: Medium


The FreeProxy HTTP proxy server is vulnerable to denial of service.

Technical Details

The FreeProxy HTTP proxy server hangs when it receives a request is made for the
for the hostname/portnumber combination in use by the server itself, like so:

$ telnet 8080
Connected to
Escape character is '^]'.
GET / HTTP/1.0

Connection closed by foreign host.

The threads spike as it recursively connects to itself, then fall as each
thread times out waiting on the next, then the controlling threads themselves
appear to hang.  The OS will accept the connection (the usual 3 way handshake), but the server will not respond to any requests.


Following vendor notification on the 16th January 2007, the vendor promptly
responded with a patched version which fixed this issue.  This was released
as build 1626 on the 24th January 2007.  Nth Dimension would recommend
upgrading to this version or later.
Version: GnuPG v1.4.6 (GNU/Linux)



The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to