Search
Find a vulnerability
Search criteria
5 vulnerabilities by now
VAR-201312-0282
Vulnerability from variot - Updated: 2025-04-11 23:04The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway before 2013.11.15 allows remote attackers to cause a denial of service via a malformed MM1 message that is routed to a (1) MM4 or (2) MM7 connection. An attacker could use this vulnerability to cause a denial of service. Attackers can exploit these issues to cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0282",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "now sms \\\u0026 mms gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "nowsms",
"version": "2013.09.26"
},
{
"model": "now sms \\\u0026 mms gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "nowsms",
"version": "2013.11.11"
},
{
"model": "sms \u0026 mms gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "now",
"version": "2013.11.15"
},
{
"model": "now sms \\\u0026 mms gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "nowsms",
"version": "2013.11.11"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nowsms:now_sms_%26_mms_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "63879"
}
],
"trust": 0.3
},
"cve": "CVE-2013-7001",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-7001",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-67003",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-7001",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-7001",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-120",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-67003",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67003"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS \u0026 MMS Gateway before 2013.11.15 allows remote attackers to cause a denial of service via a malformed MM1 message that is routed to a (1) MM4 or (2) MM7 connection. An attacker could use this vulnerability to cause a denial of service. \nAttackers can exploit these issues to cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7001"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "BID",
"id": "63879"
},
{
"db": "VULHUB",
"id": "VHN-67003"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-7001",
"trust": 2.8
},
{
"db": "BID",
"id": "63879",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "55805",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-67003",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67003"
},
{
"db": "BID",
"id": "63879"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"id": "VAR-201312-0282",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67003"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:04:02.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NowSMS / NowMMS Update 2013.11.15",
"trust": 0.8,
"url": "http://www.nowsms.com/nowsms20131115"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67003"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/63879"
},
{
"trust": 1.7,
"url": "http://www.nowsms.com/nowsms20131115"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/55805"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7001"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7001"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67003"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67003"
},
{
"db": "BID",
"id": "63879"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-67003"
},
{
"date": "2013-11-18T00:00:00",
"db": "BID",
"id": "63879"
},
{
"date": "2013-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"date": "2013-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"date": "2013-12-07T21:55:10.157000",
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-67003"
},
{
"date": "2013-12-10T06:17:00",
"db": "BID",
"id": "63879"
},
{
"date": "2013-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005417"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"date": "2013-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-120"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-7001"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NowSMS Now SMS \u0026 MMS Gateway of MMSC Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005417"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-120"
}
],
"trust": 0.6
}
}
VAR-201312-0281
Vulnerability from variot - Updated: 2025-04-11 23:04The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway 2013.09.26 allows remote attackers to cause a denial of service via a malformed message to a MM4 connection. An attacker could use this vulnerability to cause a denial of service. Attackers can exploit these issues to cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0281",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "now sms \\\u0026 mms gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "nowsms",
"version": "2013.09.26"
},
{
"model": "sms \u0026 mms gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "now",
"version": "2013.09.26"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nowsms:now_sms_%26_mms_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported these issues.",
"sources": [
{
"db": "BID",
"id": "63879"
}
],
"trust": 0.3
},
"cve": "CVE-2013-7000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-7000",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-67002",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-7000",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-7000",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-119",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-67002",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67002"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS \u0026 MMS Gateway 2013.09.26 allows remote attackers to cause a denial of service via a malformed message to a MM4 connection. An attacker could use this vulnerability to cause a denial of service. \nAttackers can exploit these issues to cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7000"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "BID",
"id": "63879"
},
{
"db": "VULHUB",
"id": "VHN-67002"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-7000",
"trust": 2.8
},
{
"db": "BID",
"id": "63879",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "55805",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-67002",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67002"
},
{
"db": "BID",
"id": "63879"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"id": "VAR-201312-0281",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67002"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:04:02.750000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NowSMS / NowMMS Update 2013.11.15",
"trust": 0.8,
"url": "http://www.nowsms.com/nowsms20131115"
},
{
"title": "nowsms-install",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46878"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67002"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/63879"
},
{
"trust": 1.7,
"url": "http://www.nowsms.com/nowsms20131115"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/55805"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7000"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7000"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67002"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67002"
},
{
"db": "BID",
"id": "63879"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-67002"
},
{
"date": "2013-11-18T00:00:00",
"db": "BID",
"id": "63879"
},
{
"date": "2013-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"date": "2013-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"date": "2013-12-07T21:55:10.123000",
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-67002"
},
{
"date": "2013-12-10T06:17:00",
"db": "BID",
"id": "63879"
},
{
"date": "2013-12-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005416"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"date": "2013-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-119"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-7000"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-400"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NowSMS Now SMS \u0026 MMS Gateway of MMSC Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005416"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-119"
}
],
"trust": 0.6
}
}
VAR-200802-0189
Vulnerability from variot - Updated: 2025-04-10 23:11Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service. Now SMS/MMS Gateway is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. Successfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. These issues affect Now SMS/MMS Gateway 2007.06.27 and prior versions. Now SMS & MMS Gateway (NowSMS) is a suite of SMS and MMS content delivery solutions from Now Wireless, UK. This solution can be used as SMS gateway, MMS gateway, WAP Push gateway and multimedia message center. The Web interface of NowSMS listening on port 8800 allows users to use the gateway to send various types of messages. The function used to process the base64 password in the HTTP Authorization parameter on this interface has a stack overflow vulnerability. If the user sends a message that exceeds 256 bytes, this overflow can be triggered, resulting in the execution of arbitrary instructions. NowSMS uses 4K bytes of stack buffer to accommodate incoming SMPP messages. Due to the lack of checking on the real size of the message (up to 0xffffffff bytes), a remote attacker can trigger stack overflow by sending an oversized message, resulting in the execution of arbitrary instructions. The SMPP server is not enabled by default and has no default listening port.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: Now SMS/MMS Gateway HTTP/SMPP Handling Buffer Overflows
SECUNIA ADVISORY ID: SA29003
VERIFY ADVISORY: http://secunia.com/advisories/29003/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Now SMS/MMS Gateway 2007.x http://secunia.com/product/17663/
DESCRIPTION: Luigi Auriemma has discovered some vulnerabilities in Now SMS/MMS Gateway, which can be exploited by malicious people to compromise a vulnerable system.
Successful exploitation allows execution of arbitrary code.
2) A boundary error in the SMPP server when processing SMPP packets can be exploited to cause a stack-based buffer overflow via a specially crafted SMPP packet.
Successful exploitation allows execution of arbitrary code but requires that the SMPP server is enabled and a specific port is set.
The vulnerabilities are confirmed in version 2007.06.27. Other versions may also be affected.
SOLUTION: Restrict network access to the services.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/nowsmsz-adv.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200802-0189",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sms mms gateway",
"scope": "lte",
"trust": 1.8,
"vendor": "now",
"version": "2007.06.27"
},
{
"model": "sms mms gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "now",
"version": "2007.06.27"
},
{
"model": "wireless now sms \u0026 mms gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "now",
"version": "2007.6.27"
},
{
"model": "wireless now sms \u0026 mms gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "now",
"version": "2008"
}
],
"sources": [
{
"db": "BID",
"id": "27896"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:now:sms_mms_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma\u203b aluigi@pivx.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
}
],
"trust": 0.6
},
"cve": "CVE-2008-0871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2008-0871",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-30996",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-0871",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-0871",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200802-397",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-30996",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30996"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service. Now SMS/MMS Gateway is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. \nSuccessfully exploiting these issues will allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. \nThese issues affect Now SMS/MMS Gateway 2007.06.27 and prior versions. Now SMS \u0026 MMS Gateway (NowSMS) is a suite of SMS and MMS content delivery solutions from Now Wireless, UK. This solution can be used as SMS gateway, MMS gateway, WAP Push gateway and multimedia message center. The Web interface of NowSMS listening on port 8800 allows users to use the gateway to send various types of messages. The function used to process the base64 password in the HTTP Authorization parameter on this interface has a stack overflow vulnerability. If the user sends a message that exceeds 256 bytes, this overflow can be triggered, resulting in the execution of arbitrary instructions. NowSMS uses 4K bytes of stack buffer to accommodate incoming SMPP messages. Due to the lack of checking on the real size of the message (up to 0xffffffff bytes), a remote attacker can trigger stack overflow by sending an oversized message, resulting in the execution of arbitrary instructions. The SMPP server is not enabled by default and has no default listening port. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nNow SMS/MMS Gateway HTTP/SMPP Handling Buffer Overflows\n\nSECUNIA ADVISORY ID:\nSA29003\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29003/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNow SMS/MMS Gateway 2007.x\nhttp://secunia.com/product/17663/\n\nDESCRIPTION:\nLuigi Auriemma has discovered some vulnerabilities in Now SMS/MMS\nGateway, which can be exploited by malicious people to compromise a\nvulnerable system. \n\nSuccessful exploitation allows execution of arbitrary code. \n\n2) A boundary error in the SMPP server when processing SMPP packets\ncan be exploited to cause a stack-based buffer overflow via a\nspecially crafted SMPP packet. \n\nSuccessful exploitation allows execution of arbitrary code but\nrequires that the SMPP server is enabled and a specific port is set. \n\nThe vulnerabilities are confirmed in version 2007.06.27. Other\nversions may also be affected. \n\nSOLUTION:\nRestrict network access to the services. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nhttp://aluigi.altervista.org/adv/nowsmsz-adv.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0871"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "BID",
"id": "27896"
},
{
"db": "VULHUB",
"id": "VHN-30996"
},
{
"db": "PACKETSTORM",
"id": "63855"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-30996",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30996"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-0871",
"trust": 2.8
},
{
"db": "BID",
"id": "27896",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "29003",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-0615",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "5695",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135",
"trust": 0.8
},
{
"db": "MILW0RM",
"id": "5695",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080219 MULTIPLE BUFFER-OVERFLOW IN NOWSMS V2007.06.27",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200802-397",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-65432",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71283",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83180",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-30996",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63855",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30996"
},
{
"db": "BID",
"id": "27896"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "PACKETSTORM",
"id": "63855"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"id": "VAR-200802-0189",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-30996"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:11:31.769000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://www.nowsms.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30996"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/27896"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29003"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/5695"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0871"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0871"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/488365/100/100/threaded"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/5695"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0615"
},
{
"trust": 0.3,
"url": "http://www.nowsms.com/framer.htm?http://www.nowsms.com/newsletter/nowsms2008.htm"
},
{
"trust": 0.3,
"url": "http://www.nowsms.com/"
},
{
"trust": 0.3,
"url": "/archive/1/488365"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/29003/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17663/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30996"
},
{
"db": "BID",
"id": "27896"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "PACKETSTORM",
"id": "63855"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-30996"
},
{
"db": "BID",
"id": "27896"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"db": "PACKETSTORM",
"id": "63855"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-30996"
},
{
"date": "2008-02-19T00:00:00",
"db": "BID",
"id": "27896"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"date": "2008-02-21T04:22:58",
"db": "PACKETSTORM",
"id": "63855"
},
{
"date": "2008-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"date": "2008-02-21T19:44:00",
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-30996"
},
{
"date": "2015-05-07T17:32:00",
"db": "BID",
"id": "27896"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004135"
},
{
"date": "2009-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-397"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-0871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Now SMS/MMS Gateway Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004135"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-397"
}
],
"trust": 0.6
}
}
CVE-2008-0871 (GCVE-0-2008-0871)
Vulnerability from nvd – Published: 2008-02-21 19:00 – Updated: 2024-08-07 08:01
VLAI
Summary
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2008/0615 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/27896 | vdb-entryx_refsource_BID |
| http://aluigi.altervista.org/adv/nowsmsz-adv.txt | x_refsource_MISC |
| http://secunia.com/advisories/29003 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/488365/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/5695 | exploitx_refsource_EXPLOIT-DB |
Date Public
2008-02-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0615",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"name": "27896",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"name": "29003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29003"
},
{
"name": "20080219 Multiple buffer-overflow in NowSMS v2007.06.27",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"name": "5695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0615",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"name": "27896",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"name": "29003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29003"
},
{
"name": "20080219 Multiple buffer-overflow in NowSMS v2007.06.27",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"name": "5695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5695"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0615",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"name": "27896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27896"
},
{
"name": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"name": "29003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29003"
},
{
"name": "20080219 Multiple buffer-overflow in NowSMS v2007.06.27",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"name": "5695",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5695"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0871",
"datePublished": "2008-02-21T19:00:00.000Z",
"dateReserved": "2008-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:01:40.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0871 (GCVE-0-2008-0871)
Vulnerability from cvelistv5 – Published: 2008-02-21 19:00 – Updated: 2024-08-07 08:01
VLAI
Summary
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2008/0615 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/27896 | vdb-entryx_refsource_BID |
| http://aluigi.altervista.org/adv/nowsmsz-adv.txt | x_refsource_MISC |
| http://secunia.com/advisories/29003 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/488365/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/5695 | exploitx_refsource_EXPLOIT-DB |
Date Public
2008-02-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0615",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"name": "27896",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"name": "29003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29003"
},
{
"name": "20080219 Multiple buffer-overflow in NowSMS v2007.06.27",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"name": "5695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0615",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"name": "27896",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"name": "29003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29003"
},
{
"name": "20080219 Multiple buffer-overflow in NowSMS v2007.06.27",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"name": "5695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5695"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0615",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0615"
},
{
"name": "27896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27896"
},
{
"name": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/nowsmsz-adv.txt"
},
{
"name": "29003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29003"
},
{
"name": "20080219 Multiple buffer-overflow in NowSMS v2007.06.27",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488365/100/100/threaded"
},
{
"name": "5695",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5695"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0871",
"datePublished": "2008-02-21T19:00:00.000Z",
"dateReserved": "2008-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:01:40.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}