CVE-2005-3653

Name of the Vulnerable Software and Affected Versions iTechnology iGateway versions prior to 4.0.051230

Description The issue is a heap-based buffer overflow in the iGateway service, allowing remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. This can be achieved by sending a crafted HTTP request.

Recommendations For versions prior to 4.0.051230, update to version 4.0.051230 or later to resolve the issue. As a temporary workaround, consider restricting access to the iGateway service to minimize the risk of exploitation. Avoid using HTTP requests with negative Content-Length fields in the affected service until the issue is resolved.