Signature Detail
Short Name |
APP:SYMC:MESSAGING-DIR-TRAV |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Symantec Messaging Gateway Directory Traversal |
Release Date |
2013/01/09 |
Update Number |
2223 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Symantec Messaging Gateway Directory Traversal
This signature detects attempts to exploit a known vulnerability in the Symantec Messaging Gateway. It is due to insufficient input validation. By sending crafted requests, a remote, authenticated attacker can exploit this vulnerability to disclose sensitive information on the server.
Extended Description
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do.
Affected Products
- symantec messaging_gateway 9.5
- symantec messaging_gateway 9.5.1
- symantec messaging_gateway 9.5.2
- symantec messaging_gateway 9.5.3
- symantec messaging_gateway 9.5.4
References
- BugTraq: 56789
- CVE: CVE-2012-4347