Proxy-Pro Professional GateKeeper Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA10947
VERIFY ADVISORY:
http://secunia.com/advisories/10947/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Proxy-Pro Professional GateKeeper 4.x
DESCRIPTION:
Ivan Rodriguez Almuiqa has discovered a vulnerability in Proxy-Pro Professional GateKeeper, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the web proxy ("GKHttp.dll"). This can be exploited to cause a buffer overflow by sending an overly long HTTP request or arbitrary string (about 4100 bytes) to the service or by tricking a user, whose HTTP traffic is processed by the proxy, to visit a malicious website or click a specially crafted link.
Successful exploitation may allow execution of arbitrary code with the privileges of "GKService.exe".
The vulnerability has been confirmed in version 4.7. Other versions may also be affected.
An exploit is available.
SOLUTION:
- Disable the web proxy.
- Use another product.
PROVIDED AND/OR DISCOVERED BY:
Ivan Rodriguez Almuiqa
ORIGINAL ADVISORY:
http://www.coromputer.net/index?m=articles&s=5&id=32&l=2
For further details and links please click here to see the actual Secunia Advisory: http://secunia.com/advisories/10947/