Now SMS/MMS Gateway Multiple Remote Overflows

High Nessus Network Monitor Plugin ID 4389

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running the Now SMS/MMS Gateway, a commercial product for managing SMS/MMS messaging on a network.

This version is vulnerable to several remote overflows. The first affects the HTTP server (which is installed by default). Long HTTP authorization messages can cause the application to crash. The second overflow affects the SMPP server (which is not enabled by default). An attacker exploiting these flaws would be able to execute arbitrary code on the remote system.

Solution

When available, apply the vendor-supplied patch. As a workaround, the administrative interface allows for the creation of Access Control Lists (ACLs) that restrict the machines that are allowed to connect to the respective services. Utilize strong ACLs to only allow traffic from trusted hosts.

See Also

http://www.nowsms.com

Plugin Details

Severity: High

ID: 4389

File Name: 4389.prm

Family: Web Clients

Published: 2008/02/20

Modified: 2016/01/15

Dependencies: 4384

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Exploitable With

Core Impact

Metasploit (Now SMS/MMS Gateway Buffer Overflow)

Reference Information

CVE: CVE-2008-0871

BID: 27896

OSVDB: 42953, 42954