Signature Detail
Short Name |
APP:NOW-SMS-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit |
Release Date |
2008/08/13 |
Update Number |
1252 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit
This signature detects attempts to exploit a known vulnerability in the Now SMS MMS Gateway. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the administrator.
Extended Description
Now SMS/MMS Gateway is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. Successfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. These issues affect Now SMS/MMS Gateway 2007.06.27 and prior versions.
Affected Products
- Now Wireless Now SMS/MMS Gateway 2007.06.27
References
- BugTraq: 27896
- CVE: CVE-2008-0871