Intrusion Prevention

Wingate.WWW.Proxy.Server.Request.Buffer.Overflow

Description

Indicates a possible attempt at exploiting a Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate. The application fails to properly validate user-supplied input before copying it to an internal buffer. A successful exploit could allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.

Affected Products

Qbik WinGate 6.1.1.1077 (other versions may be affected)

Impact

Denial of service
System compromise

Recommended Actions

Fortinet is unaware of any updates from the vendor. Please visit the vendors site (see reference section).

CVE References

CVE-2006-2926