In version 6.5 of CCProxy, there is a buffer overflow. But in 6.61, the bug is fixed?
From http://www.youngzsoft.net/ccproxy/whatsnew.htm:
12/06/2008 CCProxy 6.61
Modify sourcecode to avoid antivirus software false positive.
16/01/2008
CCProxy 6.6 is released. (19 messages)
Improved:
01 Improved the bandwidth statistic function.
02 Added monitor button on the toolbar.
03 Start DNS service by default.
04 Compatible with Win98/NT.
05 Remove web filter in mail proxy service.
06 Remove permit site filter in socks proxy service.
07 UDP log changed.
08 Remote admin's update will notify interface immediately.
09 Web filter will response more information to the clients.
10 PIPE changed.
11 Added a copy function in monitor.
12 Added Send Message function in monitor.
13 Added HTTP_X_FORWARDED_FOR in http header.
Bugs:
14 Fixed a bug in account loading.
15 Fixed a bug in register.
16 Fixed a bug in web content filter.
17 Fixed a bug in web filter in permit sites.
18 Fixed a bug in bandwidth statistics.
19 Fixed a bug in account import.
30/11/2007
CCProxy 6.5 version is released. (27 messages)
As you can (or cannot see), where is the security fix? I googled for any information and came up with nothing concerning this bug. You can send a "CONNECTION" with around 1032 bytes to pull the trigger.
Friday, September 19, 2008
Subscribe to:
Post Comments (Atom)
Posts
0 comments:
Post a Comment