Не-е-е (все равно уже в bugtraq написано).
Это - признак уважения к автору и популярности этой программы ;-)
> -----Original Message-----
> From: 3APA3A [mailto:3APA3A@xxxxxxxxxxxxxxxx]
> Sent: Monday, April 23, 2007 5:54 PM
> To: Kazennov, Vladimir
> Cc: security-alerts@xxxxxxxxxxxxxx
> Subject: Re: [security-alerts] FYI: 3proxy Transparent
> Request Handling Buffer Overflow
>
> Dear Kazennov, Vladimir,
>
> Ну вот взял и заложил :)
>
> --Monday, April 23, 2007, 4:44:43 PM, you wrote to
> security-alerts@xxxxxxxxxxxxxx:
>
>
> >>
> ----------------------------------------------------------------------
> >>
> >> TITLE:
> >> 3proxy Transparent Request Handling Buffer Overflow
> >>
> >> SECUNIA ADVISORY ID:
> >> SA24961
> >>
> >> VERIFY ADVISORY:
> >>
> >>
> >> CRITICAL:
> >> Highly critical
> >>
> >> IMPACT:
> >> System access
> >>
> >> WHERE:
> >> From remote
> >>
> >> SOFTWARE:
> >> 3proxy 0.x
> >>
> >>
> >> DESCRIPTION:
> >> A vulnerability has been reported in 3proxy, which
> potentially can be
> >> exploited by malicious people to compromise a vulnerable system.
> >>
> >> The vulnerability is caused due to a buffer overflow within the
> >> handling of transparent requests. This may be exploited to execute
> >> arbitrary code by sending specially crafted transparent
> requests to a
> >> vulnerable server.
> >>
> >> The vulnerability is reported in versions prior to 0.5.3h.
> >>
> >> SOLUTION:
> >> Update to version 0.5.3h.
> >>
> >>
> >> PROVIDED AND/OR DISCOVERED BY:
> >> The vendor credits big_gad_(at)_mail.ru.
> >>
> >> ORIGINAL ADVISORY:
> >>
> >>
> >>
> ----------------------------------------------------------------------
>
>
>
> --
> ~/ZARAZA
> Таким образом он умирает в шестой раз - и опять на новом месте. (Твен)
>
>
