In association with heise online

14 August 2007, 14:48

Qbik Wingate closes format string vulnerability

The Wingate Gateway server product from Qbik contains a vulnerability which attackers can exploit to execute remotely injected malicious code. A software update eliminates the problem.

The vulnerability affects Wingate's SMTP components. If an attacker sends unknown commands, or commands in an unusual sequence, to the SMTP server, the SMTP session enters an invalid state. While logging the resulting error, the software copies the user's input with an unsafe vsprintf() call, which can cause the server to crash, according to the security advisory from Harmony Security. Further investigation by security service provider Secunia has apparently shown that injected code can be executed in this manner.

The vulnerability is present in Wingate versions 5.x and 6.x. The current version, 6.2.2, eliminates it. Administrators should install the software update immediately.
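The class of logging flaw described above, as an added C illustration (not Qbik's code and not taken from the advisory): it assumes client-supplied SMTP input reaches the format argument of vsprintf(), and contrasts that with a bounded logger that passes the input only as a `%s` argument. All function names and the sample command are constructed for the example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#if defined(__GNUC__)
#define PRINTF_LIKE(f, a) __attribute__((format(printf, f, a)))
#else
#define PRINTF_LIKE(f, a)
#endif

/* UNSAFE pattern, kept for contrast and never called here: client bytes are
 * used as the format string, so "%x" or "%n" in a command are interpreted,
 * and vsprintf() places no bound on what is written to `line`. */
void log_unsafe(char *line, const char *client_input, ...)
{
    va_list ap;
    va_start(ap, client_input);
    vsprintf(line, client_input, ap);
    va_end(ap);
}

/* Hardened logger: output is bounded, and the attribute lets GCC/Clang flag
 * non-literal formats at call sites (-Wformat -Wformat-nonliteral). */
PRINTF_LIKE(3, 4)
int log_event(char *line, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;
    va_start(ap, fmt);
    n = vsnprintf(line, size, fmt, ap);
    va_end(ap);
    if (n < 0) { if (size) line[0] = '\0'; return -1; }
    return (size_t)n >= size ? 1 : 0;   /* 1 = truncated, 0 = complete */
}

/* Error path for a session in an invalid state (hypothetical name): the
 * format is a server-owned literal, client input is only ever data. */
int log_invalid_state(char *line, size_t size, const char *client_input)
{
    return log_event(line, size, "SMTP invalid state, input: %s", client_input);
}

int main(void)
{
    char line[64];
    /* Constructed input: conversion specifiers inside an unknown command. */
    int rc = log_invalid_state(line, sizeof line, "XYZZY %x%x%n");
    printf("rc=%d line=[%s]\n", rc, line);
    return 0;
}
```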

(mba)

Permalink: http://h-online.com/-733450