CVE-2008-5421 — MEDIUM (5.0)

Q: How severe is CVE-2008-5421?

CVE-2008-5421 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-5421?

Check the references section above for vendor advisories and patch information. Affected products include: Netwin Smsgate.

Vulnerability Description

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or (3) a missing Content-Length HTTP header.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Netwin	Smsgate	<= 1.1n

Related Weaknesses (CWE)

CWE-399

References

http://aluigi.altervista.org/adv/smsgheit-adv.txtExploit
http://secunia.com/advisories/29149Vendor Advisory
http://www.securityfocus.com/bid/28048
http://aluigi.altervista.org/adv/smsgheit-adv.txtExploit
http://secunia.com/advisories/29149Vendor Advisory
http://www.securityfocus.com/bid/28048

FAQ

What is CVE-2008-5421?

CVE-2008-5421 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an inva...

How severe is CVE-2008-5421?

CVE-2008-5421 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-5421?

Check the references section above for vendor advisories and patch information. Affected products include: Netwin Smsgate.