VAR-200809-0162
Vulnerability from variot - Updated: 2023-12-18 13:53Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter. SecurityGateway is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Failed exploit attempts will result in a denial-of-service condition. SecurityGateway 1.0.1 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: Alt-N SecurityGateway "username" Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA30497
VERIFY ADVISORY: http://secunia.com/advisories/30497/
CRITICAL: Highly critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: Alt-N SecurityGateway 1.x http://secunia.com/product/18916/
DESCRIPTION: securfrog has discovered a vulnerability in Alt-N SecurityGateway, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the processing of HTTP requests sent to the administrative web interface.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 1.0.1.
SOLUTION: Restrict network access to the administrative web interface.
PROVIDED AND/OR DISCOVERED BY: securfrog
ORIGINAL ADVISORY: http://milw0rm.com/exploits/5718
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200809-0162",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "securitygateway",
"scope": "eq",
"trust": 2.4,
"vendor": "alt n",
"version": "1.0.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:alt-n:securitygateway:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-4193"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "securfrog",
"sources": [
{
"db": "BID",
"id": "29457"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
],
"trust": 0.9
},
"cve": "CVE-2008-4193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-4193",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-34318",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-4193",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200809-345",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-34318",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34318"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter. SecurityGateway is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Failed exploit attempts will result in a denial-of-service condition. \nSecurityGateway 1.0.1 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------\n\nWant a new job?\n\nhttp://secunia.com/secunia_security_specialist/\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nAlt-N SecurityGateway \"username\" Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA30497\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/30497/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nAlt-N SecurityGateway 1.x\nhttp://secunia.com/product/18916/\n\nDESCRIPTION:\nsecurfrog has discovered a vulnerability in Alt-N SecurityGateway,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerability is caused due to a boundary error in the processing\nof HTTP requests sent to the administrative web interface. \n\nSuccessful exploitation allows execution of arbitrary code. \n\nThe vulnerability is confirmed in version 1.0.1. \n\nSOLUTION:\nRestrict network access to the administrative web interface. \n\nPROVIDED AND/OR DISCOVERED BY:\nsecurfrog\n\nORIGINAL ADVISORY:\nhttp://milw0rm.com/exploits/5718\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "BID",
"id": "29457"
},
{
"db": "VULHUB",
"id": "VHN-34318"
},
{
"db": "PACKETSTORM",
"id": "66887"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-34318",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34318"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-4193",
"trust": 2.8
},
{
"db": "BID",
"id": "29457",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "30497",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "5718",
"trust": 1.8
},
{
"db": "SREASON",
"id": "4302",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "5827",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020156",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1717",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460",
"trust": 0.8
},
{
"db": "MILW0RM",
"id": "5827",
"trust": 0.6
},
{
"db": "MILW0RM",
"id": "5718",
"trust": 0.6
},
{
"db": "XF",
"id": "42769",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-71305",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84567",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16803",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-34318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "66887",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34318"
},
{
"db": "BID",
"id": "29457"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "PACKETSTORM",
"id": "66887"
},
{
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"id": "VAR-200809-0162",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-34318"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:50.934000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SecurityGateway for Exchange/SMTP v2.0 Release Notes",
"trust": 0.8,
"url": "http://files.altn.com/securitygateway/release/relnotes_en.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34318"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "NVD",
"id": "CVE-2008-4193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/29457"
},
{
"trust": 1.7,
"url": "http://files.altn.com/securitygateway/release/relnotes_en.htm"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020156"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30497"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/4302"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1717/references"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/5718"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/5827"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42769"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4193"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4193"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/42769"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/5827"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/5718"
},
{
"trust": 0.3,
"url": "http://www.altn.com/"
},
{
"trust": 0.3,
"url": "http://www.altn.com/products/securitygateway-email-firewall/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/18916/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://milw0rm.com/exploits/5718"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/30497/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-34318"
},
{
"db": "BID",
"id": "29457"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "PACKETSTORM",
"id": "66887"
},
{
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-34318"
},
{
"db": "BID",
"id": "29457"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"db": "PACKETSTORM",
"id": "66887"
},
{
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-34318"
},
{
"date": "2008-06-01T00:00:00",
"db": "BID",
"id": "29457"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"date": "2008-06-02T21:20:05",
"db": "PACKETSTORM",
"id": "66887"
},
{
"date": "2008-09-24T11:42:25.297000",
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"date": "2008-09-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-34318"
},
{
"date": "2015-05-07T17:28:00",
"db": "BID",
"id": "29457"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003460"
},
{
"date": "2017-09-29T01:32:02.883000",
"db": "NVD",
"id": "CVE-2008-4193"
},
{
"date": "2009-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SecurityGateway \u0027SecurityGateway.dll\u0027 Remote Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "29457"
},
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200809-345"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…