Signature Detail
Short Name |
APP:BRG-MAIL-US-PASS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
APP |
Keywords |
BirghtMail-Anti-Spam-Access |
Release Date |
2005/07/25 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: BirghtMail-Anti-Spam-Access
This signature detects attempts to exploit a known vulnerability against Brightmail AntiSpam. Versions earlier than 6.0.2 are vulnerable. Attackers can exploit a hard-coded database administrator password vulnerability to bypass security restrictions and gain administrative access. This could allow attackers to modify the device behavior.
Extended Description
Symantec Brightmail AntiSpam is susceptible to a remote information disclosure vulnerability. This issue is due to a failure of the application to properly ensure that remote database access is properly disabled. In cases where the affected package was upgraded, rather than freshly installed, remote database access was not properly disabled. Remote access to the database may be simplified for attackers, as the database utilizes a static password. This vulnerability allows remote attackers to gain access to potentially sensitive database contents.
Affected Products
- Symantec Brightmail Anti-Spam 4.0.0
- Symantec Brightmail Anti-Spam 5.5.0
- Symantec Brightmail Anti-Spam 6.0.0
- Symantec Brightmail Anti-Spam 6.0.1
References