Users login

Create an account »


Users login

Home » Hacking News » Tinyproxy Heap Overflow Vulnerability

Tinyproxy Heap Overflow Vulnerability

by Phiber on January 19th, 2001 Versions 1.3.2 and 1.3.3 of tinyproxy, a small HTTP proxy, exhibit a vulnerability to heap overflow attacks......

A failure to properly validate user-supplied input which arguments a call to sprintf() can allow unexpectedly large amounts of input to a buffer (used to display error messages) to be written past the boundary of the allocated space on the heap.
As a result, it may be possible to execute a denial of service attack, or even to execute arbitrary commands if certain internal memory structures can be successfully overwritten.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »