Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » DeleGate HTTP buffer overflow

DeleGate HTTP buffer overflow

by Nikola Strahija on March 26th, 2003 Buffer overflow vulnerability has been found in DeleGate HTTP proxy. Successful exploitation may result in execution of malicious code.


This is due to insufficient bounds checking of User-Agent: fields in remote 'robot.txt' files.


Vulnerable:
DeleGate version 7.9.11 to 8.4 .0


Not vulnerable:
DeleGate 8.5.0


Solution:
DeleGate 7.9.11:

- OpenPKG Upgrade delegate-7.9.11-1.1.1.src.rpm
- ftp://ftp.openpkg.org/release/1.1/UPD/delegate-7.9.11-1.1.1.src.rpm

DeleGate 8.3.3:

- OpenPKG Upgrade delegate-8.3.3-1.2.1.src.rpm
- ftp://ftp.openpkg.org/release/1.2/UPD/delegate-8.3.3-1.2.1.src.rpm

DeleGate 8.3.4 and 8.4.0:

- Upgrade DeleGate 8.5.0
- http://www.delegate.org/delegate/download/


Discovered by:
Keigo Yamazaki


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »