Now SMS/MMS Gateway < 2008.02.22 Multiple Remote Overflows

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

A remote Windows host contains a program that is affected by multiple
buffer overflow vulnerabilities.

Description :

The remote host is running Now SMS/MMS Gateway, a tool for connecting
to SMS and/or MMS messaging providers and managing GSM modems.

The web interface component of the version of Now SMS/MMS Gateway
installed on the remote host contains a stack-based buffer overflow
that can be triggered using a specially crafted HTTP Authorization
request header. An unauthenticated, remote attacker can leverage this
issue to crash the affected service or to execute arbitrary code on
the affected host subject to the privileges under which the service
operates, SYSTEM by default.

In addition, there is similar buffer overflow in the application's
SMPP server, which allocates a stack buffer of 4 KB for incoming
packets but fails to check their actual size. By default, though, this
service is not enabled.

See also :

http://aluigi.altervista.org/adv/nowsmsz-adv.txt
http://www.nowsms.com/discus/messages/53/23641.html
http://blog.nowsms.com/2008/02/nowsms-2008-and-important-security.html

Solution :

Upgrade to Now SMS/MMS Gateway version 2008.02.22 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 32481 ()

Bugtraq ID: 27896

CVE ID: CVE-2008-0871

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now