CVE-2008-5421

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or (3) a missing Content-Length HTTP header.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
netwinsmsgate
𝑥
≤ 1.1n
netwinsmsgate
1.0a:a
netwinsmsgate
1.0c:c
netwinsmsgate
1.0h:h
netwinsmsgate
1.0r:r
netwinsmsgate
1.0w:w
netwinsmsgate
1.1m:m
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.altervista.org/adv/smsgheit-adv.txt
http://secunia.com/advisories/29149
http://www.securityfocus.com/bid/28048
http://aluigi.altervista.org/adv/smsgheit-adv.txt
http://secunia.com/advisories/29149
http://www.securityfocus.com/bid/28048