CVE-2008-0871

Name of the Vulnerable Software and Affected Versions Now SMS/MMS Gateway versions 2007.06.27 and earlier

Description The issue allows remote attackers to execute arbitrary code. This can be achieved via a long password in an Authorization header to the HTTP service or a large packet to the SMPP service.

Recommendations For Now SMS/MMS Gateway versions 2007.06.27 and earlier, consider updating to a version later than 2007.06.27 to resolve the issue. As a temporary workaround, restrict access to the HTTP and SMPP services to minimize the risk of exploitation. Avoid using long passwords in the Authorization header and limit the size of packets to the SMPP service until the issue is resolved.