In association with heise online

03 June 2008, 10:22

Critical vulnerability in Alt-N SecurityGateway

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

An exploit of vulnerability in the Alt-N SecurityGateway has been published on Milw0rm. A username parameter longer than 720 bytes provokes a buffer overflow in the web interface. As the instruction pointer can be controlled when the stack is overwritten, injected code can also be launched.

The current version 1.0.1 is reportedly affected, but previous versions may also be vulnerable. No update has yet been made available. Users are advised to restrict access to the web interface of the firewall.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit