Summaryinfo

A vulnerability was found in Now Wireless NowSMS 2013.11.11. It has been classified as problematic. The affected element is an unknown function of the component MM1 Handler. The manipulation leads to denial of service. There is no available exploit. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability was found in Now Wireless NowSMS 2013.11.11. It has been rated as critical. This issue affects an unknown code block of the component MM1 Handler. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. Impacted is availability.

The weakness was presented 11/15/2013 as nowsms20131115 as not defined release notes (Website). It is possible to read the advisory at nowsms.com. The attack may be initiated remotely. The technical details are unknown and an exploit is not publicly available.

Upgrading to version 2013.11.15 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

The vulnerability is also documented in the databases at OSVDB (100242†) and Secunia (SA55805†). See VDB-11304, VDB-65671 and VDB-65670 for similar entries. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Affected

• NowSMS 2013.09.26/2013.11.11
• NowMMS 2013.09.26/2013.11.11

Productinfo

Vendor

• Now Wireless

Name

• NowSMS

Version

• 2013.11.11

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion