 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.802453 |
| Categoría: | Default Accounts |
| Título: | Symantec Messaging Gateway < 10.0 Multiple Vulnerabilities |
| Resumen: | Symantec Messaging Gateway is prone to multiple vulnerabilities. |
| Descripción: | Summary: Symantec Messaging Gateway is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Certain input passed via web or email content is not properly sanitised before being returned to the user. - The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. - An error within the management interface can be exploited to perform otherwise restricted actions(modify the underlying web application). - An SSH default passworded account that could potentially be leveraged by an unprivileged user to attempt to gain additional privilege access. - Disclose of excessive component version information during successful reconnaissance. Vulnerability Impact: Successful exploitation will allow attackers to bypass certain security restrictions, disclose certain sensitive information and conduct cross-site scripting and request forgery attacks. Affected Software/OS: Symantec Messaging Gateway version 9.5.x. Solution: Upgrade to Symantec Messaging Gateway version 10.0 or later. CVSS Score: 7.9 CVSS Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-0307 BugTraq ID: 55138 http://www.securityfocus.com/bid/55138 XForce ISS Database: symantec-gateway-unspec-xss(78031) https://exchange.xforce.ibmcloud.com/vulnerabilities/78031 Common Vulnerability Exposure (CVE) ID: CVE-2012-0308 BugTraq ID: 55137 http://www.securityfocus.com/bid/55137 Common Vulnerability Exposure (CVE) ID: CVE-2012-3579 BugTraq ID: 55143 http://www.securityfocus.com/bid/55143 http://packetstormsecurity.com/files/116277/Symantec-Messaging-Gateway-9.5-Default-SSH-Password.html XForce ISS Database: symantec-gateway-default-password(78034) https://exchange.xforce.ibmcloud.com/vulnerabilities/78034 Common Vulnerability Exposure (CVE) ID: CVE-2012-3580 BugTraq ID: 55141 http://www.securityfocus.com/bid/55141 XForce ISS Database: symantec-gateway-interface-sec-bypass(78032) https://exchange.xforce.ibmcloud.com/vulnerabilities/78032 Common Vulnerability Exposure (CVE) ID: CVE-2012-3581 BugTraq ID: 55142 http://www.securityfocus.com/bid/55142 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |