Qbik WinGate Remote Denial Of Service Vulnerability

Bugtraq ID:	21295
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2006-4518
Remote:	Yes
Local:	No
Published:	Nov 26 2006 12:00AM
Updated:	Nov 28 2006 11:09PM
Credit:	This issue was discovered by Michael Sutton of iDefense Labs.
Vulnerable:	Qbik WinGate 6.1.4 .1099 Qbik WinGate 6.1.3 .1096 Qbik WinGate 6.1.2 .1094 Qbik WinGate 6.1.1 .1077 Qbik WinGate 6.1
Not Vulnerable:	Qbik WinGate 6.2

Qbik WinGate Remote Denial Of Service Vulnerability

Qbik WinGate is prone to a remote denial-of-service vulnerability because it fails to properly handle certain DNS requests.

A remote attacker may exploit this issue to crash the application, denying service to legitimate users.

WinGate 6.1 is reported vulnerable; other versions may be affected as well.

Qbik WinGate Remote Denial Of Service Vulnerability

Attackers can use network utilities to craft a packet that triggers this issue.

Qbik WinGate Remote Denial Of Service Vulnerability

Solution:
The vendor has released an update to address this issue.


Qbik WinGate 6.1

• Qbik WinGate6.2.0.1121-USE.EXE
  http://downloads.qbik.com/qbiknz2/downloads/WinGate6.2.0.1121-USE.EXE

Qbik WinGate 6.1.1 .1077

• Qbik WinGate6.2.0.1121-USE.EXE
  http://downloads.qbik.com/qbiknz2/downloads/WinGate6.2.0.1121-USE.EXE

Qbik WinGate 6.1.2 .1094

• Qbik WinGate6.2.0.1121-USE.EXE
  http://downloads.qbik.com/qbiknz2/downloads/WinGate6.2.0.1121-USE.EXE

Qbik WinGate 6.1.3 .1096

• Qbik WinGate6.2.0.1121-USE.EXE
  http://downloads.qbik.com/qbiknz2/downloads/WinGate6.2.0.1121-USE.EXE

Qbik WinGate Remote Denial Of Service Vulnerability

References:

• Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability (iDefense)
  
• WinGate Product Homepage (Qbik)
  
• iDefense Security Advisory 11.26.06: Qbik WinGate Compressed Name Pointer Denial (iDefense)