Symantec Web Gateway Cross-Site Scripting and SQL Injection Vulnerabilities

Summary
This host is running Symantec Web Gateway and is prone to cross-site scripting and SQL injection vulnerabilities.
Impact
Successful exploitation will allow attackers to execute arbitrary code in the context of the application, bypass certain security restrictions and conduct SQL injection attacks.
Impact Level: Application
Solution
Upgrade to Symantec Web Gateway 5.2 or later. For updates, refer to http://www.symantec.com/business/web-gateway
Insight
The flaws are due to:
- Certain unspecified input is not properly sanitised before being returned to the user.
- Input passed via the 'operand[]' parameter to /spywall/blacklist.php is not properly sanitised before being returned to the user.
Affected
Symantec Web Gateway versions prior to 5.2
Detection
Send crafted data via an HTTP GET request and check whether it is able to read the cookie.