Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1001

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1001
Last Modified 05 Sep 2008 04:29:30
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1001

Summary

Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname.

Vulnerable Systems

Application

  • Analogx Proxy 4.0

  • Analogx Proxy 4.0.1

  • Analogx Proxy 4.0.2

  • Analogx Proxy 4.0.3

  • Analogx Proxy 4.0.4

  • Analogx Proxy 4.0.5

  • Analogx Proxy 4.0.6

  • Analogx Proxy 4.0.7


References

BID - 5139

BID - 5138

XF - analogx-proxy-socks4a-bo(9456)

XF - analogx-proxy-http-bo(9455)

CONFIRM - http://www.analogx.com/contents/download/network/proxy.htm

BUGTRAQ - 20020701 Foundstone Advisory - Buffer Overflow in AnalogX Proxy (fwd)


Last Updated: 27 May 2016 10:37:10