Alt-N SecurityGateway username buffer overflow

Added: 07/18/2008
CVE: CVE-2008-4193
BID: 29457
OSVDB: 45854

Background

Alt-N SecurityGateway is an e-mail spam firewall for Exchange and SMTP servers.

Problem

A buffer overflow vulnerability in the web administration interface allows remote attackers to execute arbitrary commands by sending an HTTP request containing a long, specially crafted username parameter to the SecurityGateway.dll program.

Resolution

Upgrade to SecurityGateway 1.0.2.

References

http://secunia.com/advisories/30497

Limitations

Exploit works on Alt-N SecurityGateway 1.0.1.

Platforms

Windows

Back to exploit index