Summary
This host is running Symantec Messaging Gateway and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to bypass certain security restrictions, disclose certain sensitive information and conduct cross-site scripting and request forgery attacks.
Impact Level: System/Application
Solution
Upgrade to Symantec Messaging Gateway version 10.0 or later, For updates refer to http://www.symantec.com/messaging-gateway
Insight
Multiple flaws are due to,
- Certain input passed via web or email content is not properly sanitised before being returned to the user.
- The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests.
- An error within the management interface can be exploited to perform otherwise restricted actions(modify the underlying web application).
- An SSH default passworded account that could potentially be leveraged by an unprivileged user to attempt to gain additional privilege access.
- Disclose of excessive component version information during successful reconnaissance.
Affected
Symantec Messaging Gateway version 9.5.x
References
- http://www.securelist.com/en/advisories/50435
- http://www.securityfocus.com/archive/1/524060
- http://www.securitytracker.com/id/1027449
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120827_00
- https://www.hkcert.org/my_url/en/alert/12082901
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-0307, CVE-2012-0308, CVE-2012-3579, CVE-2012-3580, CVE-2012-3581 -
CVSS Base Score: 7.9
AV:A/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities