Vulnerabilities > CVE-2007-0796 - Unspecified vulnerability in Bluecoat Winproxy 6.0/6.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN bluecoat
nessus
Summary
Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Windows |
| NASL id | WINPROXY_61R1C.NASL |
| description | The remote host is running WinProxy, a proxy server for Windows. The version of WinProxy installed on the remote host reportedly contains a design issue that may result in a buffer overflow vulnerability. Using a specially crafted HTTP CONNECT request, a remote attacker may be able to leverage this issue to execute arbitrary code on the affected host subject to the privileges under which the service runs. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 24277 |
| published | 2007-02-06 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/24277 |
| title | WinProxy < 6.1r1c HTTP CONNECT Request Remote Overflow |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=471
- http://www.securityfocus.com/bid/22393
- http://securitytracker.com/id?1017586
- http://secunia.com/advisories/24049
- http://osvdb.org/33097
- http://www.vupen.com/english/advisories/2007/0482
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32204