Short Name |
APP:YOUNGZSOFT-CONNECT |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Youngzsoft CCProxy CONNECT Request Buffer Overflow |
Release Date |
2010/10/14 |
Update Number |
1792 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
There exists a buffer overflow vulnerability in Youngzsoft CCProxy. The flaw is due to improper processing of the CONNECT request sent to the server. Remote attackers could exploit this vulnerability by sending CONNECT requests with specially crafted parameter. Successful exploitation would allow for arbitrary code injection and execution with the privileges of the server process. In a sophisticated attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the affected application. In an attack case where code injection is not successful, the affected application may terminate abnormally.
CCProxy is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects CCProxy 6.61; other versions may also be affected.