Update Protection against Youngzsoft CCProxy CONNECT Request Buffer Overflow
| Check Point Reference: | CPAI-2008-346 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | SecurityFocus Bugtraq ID: 31416 | |
| Industry Reference(s): | TBD | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Youngzsoft CCProxy 6.5 | ||
| Vulnerability Description Youngzsoft CCProxy is an Internet connection sharing software and web proxy software. It can be used for Internet connection sharing and control the user's bandwidth and access time. The Internet sharing service that is provided in CCProxy listens on TCP port 808 for the proxy services and implements the HTTP/RTSP, Secure, FTP, Gopher protocol. |
||
|
Vulnerability Details There exists a buffer overflow vulnerability in Youngzsoft CCProxy. The flaw is due to improper processing of the CONNECT request sent to the server. Remote attackers could exploit this vulnerability by sending CONNECT requests with specially crafted parameter. Successful exploitation would allow for arbitrary code injection and execution with the privileges of the server process. In a sophisticated attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the affected application. In an attack case where code injection is not successful, the affected application may terminate abnormally. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.