Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WinGate < 6.2.2 Invalid SMTP State Remote DoS



The remote proxy is affected by a denial of service vulnerability.


The remote host appears to be running WinGate, a Windows application for managing and securing Internet access. The version of WinGate installed on the remote host fails to sanitize user-supplied input to its SMTP server component of format strings before using it to log a problem. By connecting to the service and issuing commands the server was not expecting, a remote attacker may be able to force the service to an invalid state and crash the WinGate service itself, thereby denying service to legitimate users.


Upgrade to version 6.2.2 or higher.