Short Name |
APP:NOW-SMS-OF-MSF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Now SMS/MMS Gateway Overflow |
Release Date |
2010/03/29 |
Update Number |
1642 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Now Wireless Now SMS/MMS Gateway. Attackers can execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. This signature is based of the public PoC available in Metasploit Exploit Framework.
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.