This script is Copyright (C) 2008-2011 Tenable Network Security, Inc.
The remote web server is affected by a buffer overflow vulnerability.
The remote host is running Alt-N's SecurityGateway for Exchange/SMTP,
an email spam firewall for Exchange and SMTP servers.
The version of SecurityGateway installed on the remote host is earlier
than 1.0.2. Such versions are reportedly affected by a buffer
overflow that can be triggered using a long 'username' parameter to
the 'SecurityGateway.dll' script to execute arbitrary code on the
remote host with SYSTEM-level privileges, potentially resulting in a
complete compromise of the affected host.
See also :
Upgrade to SecurityGateway 1.0.2 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true
Nessus Plugin ID: 33104 ()
Bugtraq ID: 29457
CVE ID: CVE-2008-4193
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.