CVE-2008-0633

anon_proxy_server < 0.102 - Denial of Service via Username with Excessive Quotes

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0633. PoCs published by L4teral.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Anon Proxy Server by sending a crafted string of 430 'A's, followed by 29 quotes, and another 40 'A's. The lack of bounds checking allows arbitrary code execution in the context of the vulnerable application.

Description

Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.

Exploits (1)

exploitdb WORKING POC VERIFIED
by L4teral · textdosmultiple
https://www.exploit-db.com/exploits/31100

This exploit targets a buffer overflow vulnerability in Anon Proxy Server by sending a crafted string of 430 'A's, followed by 29 quotes, and another 40 'A's. The lack of bounds checking allows arbitrary code execution in the context of the vulnerable application.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Anon Proxy Server versions prior to 0.103
No auth needed
Prerequisites: Network access to the vulnerable Anon Proxy Server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3618
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27593
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487446/100/0/threaded

Scores

EPSS 0.0193
EPSS Percentile 77.4%

Details

CWE
CWE-119
Status published
Products (1)
anon_proxy_server/anon_proxy_server < 0.102
Published Feb 06, 2008
Tracked Since Feb 18, 2026