PSOProxy Long Input Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA10948
VERIFY ADVISORY:
http://secunia.com/advisories/10948/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
PSOProxy 0.x
DESCRIPTION:
Donato Ferrante has discovered a vulnerability in PSOProxy, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error when handling received data. This can be exploited to cause a buffer overflow by sending an overly long HTTP request or arbitrary large string (about 1035 bytes) to the service or tricking a user, whose traffic is processed by the proxy, to visit a malicious website or click a specially crafted link.
The vulnerability has been confirmed in version 0.91 for Windows. Other versions may also be affected.
SOLUTION:
Use another product.
PROVIDED AND/OR DISCOVERED BY:
Donato Ferrante
For further details and links please click here to see the actual Secunia Advisory: http://secunia.com/advisories/10948/