‘Ziproxy Multiple Integer Overflow Vulnerabilities’

Published on June 28th, 2010
Summary

Two vulnerabilities were discovered in Ziproxy, which can be exploited by malicious people to compromise a vulnerable system.’

Credit:

‘The information has been provided by Stefan Cornelius.
The original article can be found at: http://secunia.com/secunia_research/2010-75/


Details

Vulnerable Systems:
 * Ziproxy 3.0.0.

Immune Systems:
 * Ziproxy 3.0.1.

The following vulnerabilities were discovered:

1) An integer overflow within the ‘jpg2bitmap()’ function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted JPG images.
2) An integer overflow within the ‘png2bitmap()’ function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images.

CVE Information:
CVE-2010-1513

Disclosure Timeline:
19/05/2010 – Vendor notified.
19/05/2010 – Vendor response.
20/05/2010 – Vendor issues fixed version.
24/05/2010 – Public disclosure.’

Categories: UNIX
Tags:

Related Posts

UNIX

‘ProFTPD Response Pool Use-After-Free Code Execution Vulnerability’

'This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server.'

UNIX

‘Insight Control for Linux Multiple Vulnerabilities’

'Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure and Denial of Service (DoS) vulnerabilities were identified in Insight Control for Linux.'

UNIX

‘HP-UX Running NFS/ONCplus Denial of Service Vulnerability’

'A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX.'