HomeRisk ManagementsCritical bug may expose over 50,000 Tinyproxy servers to denial of service...

Critical bug may expose over 50,000 Tinyproxy servers to denial of service attacks and remote code execution

Published on

spot_img

An open-source proxy server, Tinyproxy, which is predominantly used in small networks, has been found to have a critical flaw that could potentially lead to denial-of-service (DoS) attacks and remote code execution (RCE). The flaw, known as CVE-2023-49606, affects Tinyproxy versions 1.11.1 and 1.10.0, allowing attackers to exploit a use-after-free vulnerability by sending a specially crafted HTTP Connection header. This flaw has been rated 9.8 out of 10 on the CVSS vulnerability-severity scale.

Despite being designed for small networks, Tinyproxy is used by a wide range of users including small businesses, public Wi-Fi providers, home users, and even enterprises for testing and development purposes. The potential consequences of compromising a proxy server are severe, ranging from data breaches to service disruptions.

While there haven’t been any reported instances of active exploitation of the flaw yet, a significant number of Tinyproxy instances, estimated to be over 90,000 hosts, are currently exposed to the vulnerability. The largest concentration of these vulnerable servers is found in AMAZON-02 from Amazon Web Services, indicating that individual users are at a higher risk.

In response to the flaw, Cisco Talos published a proof-of-concept exploit on May 1, showcasing how a simple HTTP request could trigger CVE-2023-49606. However, the maintainer of Tinyproxy, known as “rofl0r,” criticized Talos’ description of the flaw, calling it “useless details.” Instead, rofl0r provided an update to fix the vulnerability and highlighted the severity of the flaw.

The flaw in Tinyproxy stems from outdated code written in 2002, which fails to properly handle the removal of certain headers in HTTP requests, leading to memory corruption. This flaw could enable DoS attacks and potentially allow for RCE, posing a significant threat to vulnerable servers.

To mitigate the risk posed by CVE-2023-49606, administrators are advised to update Tinyproxy with the fix provided by the maintainer. Additionally, implementing basic authentication with secure passwords and restricting access to the proxy server within trusted networks can enhance security and prevent exploitation by external attackers.

In conclusion, the discovery of this critical flaw in Tinyproxy underscores the importance of timely updates and robust security measures to protect against potential cyber threats. By addressing vulnerabilities promptly and following best practices for server security, users can safeguard their networks and prevent unauthorized access to sensitive data.

Source link

Latest articles

EU Extends Chat Control Rules to 2028

EU Moves Towards Extension of Temporary Child Protection Regulations: Privacy Concerns Emerge The European Union...

281 Android VPN Apps Expose Users to Traffic Leaks, Tracking, and Tunnel Hijacking Issues

A recent security analysis has illuminated significant privacy and security vulnerabilities within a staggering...

UNK MassTraction Aims for Partnerships with US and Canadian Universities

Targeted Cyber Attacks on U.S. and Canadian Universities: The Threat of UNK_MassTraction A newly identified...

Dell BIOS Flaw Allows Attackers to Extract Plaintext Passwords Without Brute Force

Critical Dell BIOS Vulnerability Exposed: An Urgent Security Concern A recently surfaced vulnerability in Dell's...

More like this

EU Extends Chat Control Rules to 2028

EU Moves Towards Extension of Temporary Child Protection Regulations: Privacy Concerns Emerge The European Union...

281 Android VPN Apps Expose Users to Traffic Leaks, Tracking, and Tunnel Hijacking Issues

A recent security analysis has illuminated significant privacy and security vulnerabilities within a staggering...

UNK MassTraction Aims for Partnerships with US and Canadian Universities

Targeted Cyber Attacks on U.S. and Canadian Universities: The Threat of UNK_MassTraction A newly identified...