Vulnerabilities > CVE-2004-0313 - Remote Buffer Overflow vulnerability in Psoproxy Server 0.91

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
psoproxy
critical
exploit available
metasploit
NVD
Published: 2004-11-23
Updated: 2017-07-11

Summary

Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name.

Vulnerable Configurations

Part Description Count
Application
Psoproxy
1

Exploit-Db

  • descriptionPSOProxy 0.91 Remote Buffer Overflow Vulnerability (2). CVE-2004-0313. Remote exploit for windows platform
    idEDB-ID:23733
    last seen2016-02-02
    modified2004-02-20
    published2004-02-20
    reporterLi0n7
    sourcehttps://www.exploit-db.com/download/23733/
    titlePSOProxy 0.91 - Remote Buffer Overflow Vulnerability 2
  • descriptionPSO Proxy v0.91 Stack Buffer Overflow. CVE-2004-0313. Dos exploit for windows platform
    idEDB-ID:16790
    last seen2016-02-02
    modified2010-05-09
    published2010-05-09
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16790/
    titlePSO Proxy 0.91 - Stack Buffer Overflow
  • descriptionPSOProxy 0.91 Remote Buffer Overflow Vulnerability (3). CVE-2004-0313. Remote exploit for windows platform
    idEDB-ID:23734
    last seen2016-02-02
    modified2004-02-20
    published2004-02-20
    reporterNoRpiuS
    sourcehttps://www.exploit-db.com/download/23734/
    titlePSOProxy 0.91 - Remote Buffer Overflow Vulnerability 3
  • descriptionPSOProxy 0.91 Remote Buffer Overflow Exploit (Win2k/XP). CVE-2004-0313. Remote exploit for windows platform
    idEDB-ID:156
    last seen2016-01-31
    modified2004-02-26
    published2004-02-26
    reporterRave
    sourcehttps://www.exploit-db.com/download/156/
    titlePSOProxy 0.91 - Remote Buffer Overflow Exploit Win2k/XP
  • descriptionPSOProxy 0.91 Remote Buffer Overflow Vulnerability (1). CVE-2004-0313. Remote exploit for windows platform
    idEDB-ID:23732
    last seen2016-02-02
    modified2004-02-20
    published2004-02-20
    reporterPaLbOsA
    sourcehttps://www.exploit-db.com/download/23732/
    titlePSOProxy 0.91 - Remote Buffer Overflow Vulnerability 1

Metasploit

descriptionThis module exploits a buffer overflow in the PSO Proxy v0.91 web server. If a client sends an excessively long string the stack is overwritten.
idMSF:EXPLOIT/WINDOWS/HTTP/PSOPROXY91_OVERFLOW
last seen2020-04-11
modified2017-11-08
published2007-09-09
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0313
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/psoproxy91_overflow.rb
titlePSO Proxy v0.91 Stack Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83235/psoproxy91_overflow.rb.txt
idPACKETSTORM:83235
last seen2016-12-05
published2009-11-26
reporterPatrick Webster
sourcehttps://packetstormsecurity.com/files/83235/PSO-Proxy-v0.91-Stack-Overflow.html
titlePSO Proxy v0.91 Stack Overflow

References