Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:SYMC:WEB-GW-PWD-CHG

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Symantec Web Gateway Password Change

Release Date

 2013/01/17

Update Number

 2225

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Symantec Web Gateway Password Change


This signature detects attempts to exploit a known flaw in Symantec Web Gateway. A successful attack may allow attackers to change another user's password allowing them to gain unauthorized access in the context of the affected user.

Extended Description

Symantec Web Gateway is prone to a security-bypass vulnerability. Successful exploits may allow attackers to change another user's password allowing them to gain unauthorized access in the context of the affected user. This may aid in further attacks. Symantec Web Gateway versions 5.0.x.x are vulnerable.

Affected Products

  • Symantec Web Gateway 5.0.1
  • Symantec Web Gateway 5.0.3
  • Symantec Web Gateway 5.0.3.17
  • Symantec Web Gateway 5.0.3.18

References

  • BugTraq: 54430
  • CVE: CVE-2012-2977

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out