Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:NOW-SMS-OF-MSF |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Now SMS/MMS Gateway Overflow |
Release Date |
2010/03/29 |
Update Number |
1642 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Now SMS/MMS Gateway Overflow
This signature detects attempts to exploit a known vulnerability against Now Wireless Now SMS/MMS Gateway. Attackers can execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. This signature is based of the public PoC available in Metasploit Exploit Framework.
Extended Description
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
Affected Products
- Now sms_mms_gateway 2007.06.27
References
- BugTraq: 27896
- CVE: CVE-2008-0871