[30269] in bugtraq
Re: NII Advisory - Buffer Overflow in Analogx Proxy
daemon@ATHENA.MIT.EDU (Godwin Stewart)
Wed May 28 01:35:08 2003
Date: Tue, 27 May 2003 23:18:47 +0200
From: Godwin Stewart <gstewart@spamcop.net>
To: "K. K. Mookhey" <cto@nii.co.in>
Message-Id: <20030527231847.64cfb06b.gstewart@spamcop.net>
In-Reply-To: <021f01c32390$ba7cf500$4900a8c0@laptop1>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
And Thus Spake "K. K. Mookhey" <cto@nii.co.in> (on Mon, 26 May 2003 19:41:38
+0530):
> ===============================================
> Buffer Overflow In Analogx Proxy 4.13
> Vendor: Analogx
> Versions affected: Proxy 4.13
> Date: 26th May 2003
> Type of Vulnerability: Remotely Exploitable Buffer Overflow
> Severity: High
> By: Network Intelligence India www.nii.co.in
> ===============================================
Unfortunately, the buffer overflow is not the only problem with AnalogX.
The default installation is "everything open", and a very large proportion
of the spam sent flying around the world is sent through open AnalogX
proxies.
http://tinyurl.com/csut (redirects to news.admin.net-abuse.email archives)
--
G. Stewart -- gstewart@bonivet.net -- gstewart@spamcop.net
Registered Linux user #284683
---------------------------------------------------------------
In the 60's people took acid to make the world weird.
Now the world is weird and people take Prozac to make
it normal.
