Qbik WinGate WWW Proxy Server URL Processing Overflow

vendor:

WinGate

by:

patrick

7.5

CVSS

HIGH

Stack Buffer Overflow

CWE

Product Name: WinGate

Affected Version From: 6.1.1.1077

Affected Version To: 6.1.1.1077

Patch Exists: NO

Related CWE: CVE-2006-2926

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Windows

2006

Qbik WinGate WWW Proxy Server URL Processing Overflow

This module exploits a stack buffer overflow in Qbik WinGate version 6.1.1.1077 and earlier. By sending malformed HTTP POST URL to the HTTP proxy service on port 80, a remote attacker could overflow a buffer and execute arbitrary code.

Mitigation:

Update to the latest version of Qbik WinGate.

Source

Qbik WinGate WWW Proxy Server URL Processing Overflow

Mitigation:

Exploit-DB raw data: