Critical vulnerability in Alt-N SecurityGateway
An exploit of vulnerability in the Alt-N SecurityGateway has been published on Milw0rm. A username
parameter longer than 720 bytes provokes a buffer overflow in the web interface. As the instruction pointer can be controlled when the stack is overwritten, injected code can also be launched.
The current version 1.0.1 is reportedly affected, but previous versions may also be vulnerable. No update has yet been made available. Users are advised to restrict access to the web interface of the firewall.
See also:
- SecurityGateway 1.0.1 Remote Buffer Overflow, Milw0rm exploit report
(mba)