APP: Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit
This signature detects attempts to exploit a known vulnerability in the Now SMS MMS Gateway. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the administrator.
Extended Description
Now SMS/MMS Gateway is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. Successfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. These issues affect Now SMS/MMS Gateway 2007.06.27 and prior versions.
Affected Products
Now_wireless now_sms/mms_gateway
Short Name
APP:NOW-SMS-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Authorization Buffer CVE-2008-0871 Exploit Gateway MMS Now Overflow SMS Web bid:27896
Release Date
08/13/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/8800
False Positive
Unknown
Vendors
Now_wireless
CVSS Score
6.8