Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Now SMS/MMS Gateway Multiple Remote Overflows



The remote host is vulnerable to a buffer overflow.


The remote host is running the Now SMS/MMS Gateway, a commercial product for managing SMS/MMS messaging on a network.

This version is vulnerable to several remote overflows. The first affects the HTTP server (which is installed by default). Long HTTP authorization messages can cause the application to crash. The second overflow affects the SMPP server (which is not enabled by default). An attacker exploiting these flaws would be able to execute arbitrary code on the remote system.


When available, apply the vendor-supplied patch. As a workaround, the administrative interface allows for the creation of Access Control Lists (ACLs) that restrict the machines that are allowed to connect to the respective services. Utilize strong ACLs to only allow traffic from trusted hosts.