• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

T. Hauck Jana Server HTTP Proxy Server Request Logging Buffer Overflow Vulnerability

Jana Server is a server for Microsoft Windows based systems. Jana Server provides a wide range of proxy servers, and a number of other services. A HTTP proxy server is included.

A buffer overflow vulnerability has been reported in the HTTP proxy server. If an extremely long HTTP request is received, the server will crash when attempting to log the request. This has been reported to be the result of a buffer overflow condition.