Overview
A format string vulnerability in the simpleproxy TCP proxy may allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
simpleproxy, a basic open source TCP proxy, contains a format string vulnerability in an unspecified HTTP proxy request handling routine. If a remote attacker sends simpleproxy a specially crafted HTTP request, they may be able to execute arbitrary code on a vulnerable system. |
Impact
A remote attacker may be able to execute arbitrary code with the privileges of the simpleproxy process. |
Solution
Upgrade Upgrading to simpleproxy version 3.4 corrects this problem. |
Vendor Information
Debian Linux Affected
Notified: September 02, 2005 Updated: September 02, 2005
Status
Affected
Vendor Statement
The old stable distribution (woody) is not affected.
For the stable distribution (sarge) this problem has been fixed in version 3.2-3sarge1.
For the unstable distribution (sid) this problem has been fixed in version 3.2-4.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
simpleproxy Affected
Updated: September 01, 2005
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
From simpleproxy version 3.4 ChangeLog:
2005-08-22 Vadim Zaliva <lord@zembla.local>
* simpleproxy.c (log): Patch from Ulf Harnhammar
<metaur@telia.com> to avoid security vulnerability which could
have been exploited through replies from remote HTTP proxies.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Apple Computer, Inc. Not Affected
Notified: September 02, 2005 Updated: October 10, 2005
Status
Not Affected
Vendor Statement
Mac OS X does not ship with simpleproxy.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
OpenWall Linux Not Affected
Notified: September 02, 2005 Updated: September 06, 2005
Status
Not Affected
Vendor Statement
Openwall GNU/*/Linux is not vulnerable. We do not package simpleproxy.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sun Microsystems, Inc. Not Affected
Notified: September 02, 2005 Updated: September 06, 2005
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Conectiva Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Cray, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
EMC, Inc. (formerly Data General Corporation) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Engarde Secure Linux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
F5 Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
FreeBSD, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Fujitsu Limited Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Hewlett-Packard Company Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Hitachi Internetworking Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM Corporation (zseries) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM eServer Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Immunix Communications, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Ingrian, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Juniper Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Microsoft Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
MontaVista Software Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
NEC Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
NetBSD Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Novell Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
OpenBSD Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
QNX, Software Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Red Hat Software, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sequent Computer Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Silicon Graphics, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sony Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
SuSe Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
The SCO Group (SCO Linux) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
The SCO Group (SCO UnixWare) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Turbolinux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
UNISYS Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Wind River Systems Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was reported by Ulf Harnhammar.
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | CVE-2005-1857 |
| Severity Metric: | 5.84 |
| Date Public: | 2005-08-26 |
| Date First Published: | 2005-09-02 |
| Date Last Updated: | 2005-10-10 17:31 UTC |
| Document Revision: | 19 |