Overview
A format string vulnerability in the simpleproxy TCP proxy may allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
simpleproxy, a basic open source TCP proxy, contains a format string vulnerability in an unspecified HTTP proxy request handling routine. If a remote attacker sends simpleproxy a specially crafted HTTP request, they may be able to execute arbitrary code on a vulnerable system. |
Impact
A remote attacker may be able to execute arbitrary code with the privileges of the simpleproxy process. |
Solution
Upgrade Upgrading to simpleproxy version 3.4 corrects this problem. |
Vendor Information
Debian Linux
Notified: September 02, 2005 Updated: September 02, 2005
Status
Vulnerable
Vendor Statement
The old stable distribution (woody) is not affected.
For the stable distribution (sarge) this problem has been fixed in version 3.2-3sarge1.
For the unstable distribution (sid) this problem has been fixed in version 3.2-4.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
simpleproxy
Updated: September 01, 2005
Status
Vulnerable
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
From simpleproxy version 3.4 ChangeLog:
2005-08-22 Vadim Zaliva <lord@zembla.local>
* simpleproxy.c (log): Patch from Ulf Harnhammar
<metaur@telia.com> to avoid security vulnerability which could
have been exploited through replies from remote HTTP proxies.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Apple Computer, Inc.
Notified: September 02, 2005 Updated: October 10, 2005
Status
Not Vulnerable
Vendor Statement
Mac OS X does not ship with simpleproxy.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
OpenWall Linux
Notified: September 02, 2005 Updated: September 06, 2005
Status
Not Vulnerable
Vendor Statement
Openwall GNU/*/Linux is not vulnerable. We do not package simpleproxy.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sun Microsystems, Inc.
Notified: September 02, 2005 Updated: September 06, 2005
Status
Not Vulnerable
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Conectiva Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Cray, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
EMC, Inc. (formerly Data General Corporation)
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Engarde Secure Linux
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
F5 Networks, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
FreeBSD, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Fujitsu Limited
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Hewlett-Packard Company
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Hitachi Internetworking
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM Corporation
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM Corporation (zseries)
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM eServer
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Immunix Communications, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Ingrian, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Juniper Networks, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Mandriva, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Microsoft Corporation
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
MontaVista Software
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
NEC
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
NetBSD
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Novell
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
OpenBSD
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
QNX, Software Systems, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Red Hat Software, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sequent Computer Systems, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Silicon Graphics, Inc.
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sony Corporation
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
SuSe
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
The SCO Group (SCO Linux)
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
The SCO Group (SCO UnixWare)
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Turbolinux
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
UNISYS
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Wind River Systems
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A |
References
Credit
This vulnerability was reported by Ulf Harnhammar
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | CVE-2005-1857 |
| Severity Metric: | 5.84 |
| Date Public: | 2005-08-26 |
| Date First Published: | 2005-09-02 |
| Date Last Updated: | 2005-10-10 17:31 UTC |
| Document Revision: | 19 |