Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5421

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5421
Last Modified 12 Dec 2008 12:00:00
Published 11 Dec 2008 10:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5421

Summary

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or (3) a missing Content-Length HTTP header.

Vulnerable Systems

Application

  • Netwin Smsgate 1.0a

  • Netwin Smsgate 1.0c

  • Netwin Smsgate 1.0h

  • Netwin Smsgate 1.0r

  • Netwin Smsgate 1.0w

  • Netwin Smsgate 1.1m

  • Netwin Smsgate 1.1n


References

BID - 28048

SECUNIA - 29149

MISC - http://aluigi.altervista.org/adv/smsgheit-adv.txt


Last Updated: 27 May 2016 10:48:48