lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <17910185115.20071023230851@SECURITY.NNOV.RU>
Date: Tue, 23 Oct 2007 23:08:51 +0400
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: 3proxy 0.5.3j released (bugfix)


3proxy  (  http://3proxy.ru/  ) is multi-platform (Windows, Linux, Unix)
multi-protocol  proxy  server  with abilities to mange traffic flows and
bandwidths,    convert   requests   between   different   proxy   types,
authenticate,  authorize,  control,  limit  and account users access and
more.

3proxy   0.5.3j   version   was   released,  to  address  double  free()
vulnerability  in  FTP proxy module (ftppr) reported by Venustech AD-LAB
(CVE-2007-5622).  Vulnerable  3proxy  versions are 0.5 - 0.5.3i. Current
branch (0.6) is not affected.

3proxy 0.5.3j can be downloaded from http://3proxy.ru/download/

Because  of  programming  error resulting in double free() vulnerability
during  the  handling of "OPEN" FTP proxy request, it may be possible to
crash  3proxy service by repeating this request. Reliable code execution
doesn't seem possible.

FTP  proxy  is special non-standard (no RFC specification) type of proxy
server  with  extended  RFC  959  command  set, compatible with only few
graphical  FTP  clients.  It's  not  compatible  with  browsers, because
browsers  use  different, FTP over HTTP proxy. FTP proxy is not commonly
used.

Vulnerability  requires 'ftppr' service to be manually enabled in 3proxy
configuration  file  or  special  'ftppr'  application executed. No over
services  (SOCKS,  HTTP including FTP over HTTP proxy, POP3, TCP and UDP
portmapping, etc) are affected.

Vulnerability  is  of pre-authentication type, but, because FTP proxy in
3proxy  0.5x  branch doesn't support reverse proxing, it should never be
accessible  from  Internet.  Web  scenario with exploitation through the
legitimate  client  is also impossible. Under typical configuration, the
scope of this vulnerability is limited to local network.
  

-- 
http://securityvulns.com/
         /\_/\
        { , . }     |\
+--oQQo->{ ^ }<-----+ \
|  ZARAZA  U  3APA3A   } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
                    |/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ