Now SMS/MMS Gateway Multiple Remote Overflows

high Nessus Network Monitor Plugin ID 4389

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running the Now SMS/MMS Gateway, a commercial product for managing SMS/MMS messaging on a network.

This version is vulnerable to several remote overflows. The first affects the HTTP server (which is installed by default). Long HTTP authorization messages can cause the application to crash. The second overflow affects the SMPP server (which is not enabled by default). An attacker exploiting these flaws would be able to execute arbitrary code on the remote system.

Solution

When available, apply the vendor-supplied patch. As a workaround, the administrative interface allows for the creation of Access Control Lists (ACLs) that restrict the machines that are allowed to connect to the respective services. Utilize strong ACLs to only allow traffic from trusted hosts.

See Also

http://www.nowsms.com

Plugin Details

Severity: High

ID: 4389

Family: Web Clients

Published: 2/20/2008

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:now:sms_mms_gateway

Exploitable With

Core Impact

Metasploit (Now SMS/MMS Gateway Buffer Overflow)

Reference Information

CVE: CVE-2008-0871

BID: 27896