At32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running at32 Reverse Proxy and is prone to denial of service vulnerability.

Impact

Successful exploitation may allow remote attackers to cause the application to crash, creating a denial of service condition. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

The flaw is due to a NULL pointer dereference error when processing web requests and can be exploited to cause a crash via an overly long string within a HTTP header.

Affected

at32 Reverse Proxy version 1.060.310

References

http://archives.neohapsis.com/archives/bugtraq/2012-03/0080.html
http://osvdb.org/80242
http://packetstormsecurity.org/files/110967/at32-dos.txt
http://secunia.com/advisories/48460
http://www.securityfocus.com/archive/1/521993
http://www.securityfocus.com/bid/52553

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5332

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CUPS 'scheduler/select.c' Denial Of Service Vulnerability
ClamAV Invalid Memory Access Denial Of Service Vulnerability
Firefox XUL Parsing Denial of Service Vulnerability (Linux)
Cherokee POST request DoS
ClamAV Prior to 0.96.5 Multiple Vulnerabilities

at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability

Take action and discover your vulnerabilities