Test ID:	1.3.6.1.4.1.25623.1.0.11715
Category:	Gain a shell remotely
Title:	Header Overflow Attack against HTTP Proxy
Summary:	It was possible to crash the HTTP proxy by sending an invalid; request with a too long header.
Description:	Summary: It was possible to crash the HTTP proxy by sending an invalid request with a too long header. Vulnerability Impact: An attacker may exploit this vulnerability to make the proxy server to crash continually or even execute arbitrary code on the system. Affected Software/OS: The following products are known to be affected: - Avirt SOHO v4.2 - Avirt Gateway v4.2 - Avirt Gateway Suite v4.2 Other products / versions might be affected as well. Solution: Update the software. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0133 BugTraq ID: 3904 http://www.securityfocus.com/bid/3904 BugTraq ID: 3905 http://www.securityfocus.com/bid/3905 Bugtraq: 20020117 Avirt Proxy Buffer Overflow Vulnerabilities (Google Search) http://online.securityfocus.com/archive/1/251055 Bugtraq: 20020121 [resend] Avirt Gateway Telnet Vulnerability (and more?) (Google Search) http://marc.info/?l=bugtraq&m=101164598828092&w=2 Bugtraq: 20020212 Avirt Gateway 4.2 remote buffer overflow: proof of concept (Google Search) http://marc.info/?l=bugtraq&m=101366658112809&w=2 Bugtraq: 20020220 Avirt 4.2 question (Google Search) http://marc.info/?l=bugtraq&m=101424723728817&w=2 http://www.iss.net/security_center/static/7916.php http://www.iss.net/security_center/static/7918.php
Copyright	Copyright (C) 2003 Michel Arboi

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.