Details of VAR-201207-0236

ID

VAR-201207-0236

CVE

CVE-2012-2961

TITLE

Symantec Web Gateway SQL Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2012-3862 // CNNVD: CNNVD-201207-419

DESCRIPTION

SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Symantec Security For advisories, this vulnerability is SQL "Injection".By any third party SQL The command may be executed. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Symantec Web Gateway (SWG) is a set of network content filtering software developed by Symantec Corporation of the United States. The software provides web content filtering, data loss prevention, and more. ---------------------------------------------------------------------- We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi ---------------------------------------------------------------------- TITLE: Symantec Web Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA50031 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50031/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50031 RELEASE DATE: 2012-07-23 DISCUSS ADVISORY: http://secunia.com/advisories/50031/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50031/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50031 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Symantec Web Gateway, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, conduct SQL injection attacks, and compromise a vulnerable system. 1) The application improperly validates certain input via the management console and can be exploited to inject arbitrary shell commands. 2) An error within the authentication mechanism of the application can be exploited to bypass the authentication by modification of certain local files. 3) Certain unspecified input passed to the management console is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 4) The application improperly validates certain input to multiple scripts via the management console and can be exploited to e.g. inject arbitrary shell commands. 5) The application improperly validates certain input via the management console and can be exploited to change the password of an arbitrary user of the application. The vulnerabilities are reported in versions prior to Database Update 5.0.0.438. SOLUTION: Apply Database Update 5.0.0.438. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Offensive Security via CERT/CC 2, 3) Offensive Security via CERT/CC and an anonymous person via CERT/CC. 4, 5) An anonymous person via CERT/CC. ORIGINAL ADVISORY: SYM12-011: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120720_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.33

sources: NVD: CVE-2012-2961 // CERT/CC: VU#108471 // JVNDB: JVNDB-2012-003293 // CNVD: CNVD-2012-3862 // BID: 54425 // VULHUB: VHN-56242 // PACKETSTORM: 114935

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2012-3862

AFFECTED PRODUCTS

vendor:	symantec	model:	web gateway	scope:	eq	version:	5.0.3	Trust: 2.5
vendor:	symantec	model:	web gateway	scope:	eq	version:	5.0.1	Trust: 2.5
vendor:	symantec	model:	web gateway	scope:	eq	version:	5.0.2	Trust: 1.6
vendor:	symantec	model:	web gateway	scope:	eq	version:	5.0	Trust: 1.6
vendor:	symantec	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	web gateway	scope:	eq	version:	5.0.3.18	Trust: 0.8
vendor:	symantec	model:	web gateway	scope:	lt	version:	5.0.x	Trust: 0.8

sources: CERT/CC: VU#108471 // CNVD: CNVD-2012-3862 // BID: 54425 // JVNDB: JVNDB-2012-003293 // CNNVD: CNNVD-201207-419 // NVD: CVE-2012-2961

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-2961
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-2961
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201207-419
value:	HIGH
Trust: 0.6
VULHUB:	VHN-56242
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-2961
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-56242
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-56242 // JVNDB: JVNDB-2012-003293 // CNNVD: CNNVD-201207-419 // NVD: CVE-2012-2961

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.9

sources: VULHUB: VHN-56242 // JVNDB: JVNDB-2012-003293 // NVD: CVE-2012-2961

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201207-419

TYPE

sql injection

Trust: 0.7

sources: PACKETSTORM: 114935 // CNNVD: CNNVD-201207-419

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003293

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-56242

PATCH

title:	SYM12-011	url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120720_00	Trust: 0.8
title:	SYM12-011	url:	http://www.symantec.com/ja/jp/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00	Trust: 0.8
title:	Patch for Symantec Web Gateway SQL Injection Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/19133	Trust: 0.6

sources: CNVD: CNVD-2012-3862 // JVNDB: JVNDB-2012-003293

EXTERNAL IDS

db:	NVD	id:	CVE-2012-2961	Trust: 3.4
db:	CERT/CC	id:	VU#108471	Trust: 2.7
db:	BID	id:	54425	Trust: 2.0
db:	JVNDB	id:	JVNDB-2012-003293	Trust: 0.8
db:	CNNVD	id:	CNNVD-201207-419	Trust: 0.7
db:	SECUNIA	id:	50031	Trust: 0.7
db:	CNVD	id:	CNVD-2012-3862	Trust: 0.6
db:	NSFOCUS	id:	20125	Trust: 0.6
db:	PACKETSTORM	id:	114952	Trust: 0.1
db:	EXPLOIT-DB	id:	20044	Trust: 0.1
db:	SEEBUG	id:	SSVID-73942	Trust: 0.1
db:	VULHUB	id:	VHN-56242	Trust: 0.1
db:	PACKETSTORM	id:	114935	Trust: 0.1

sources: CERT/CC: VU#108471 // CNVD: CNVD-2012-3862 // VULHUB: VHN-56242 // BID: 54425 // JVNDB: JVNDB-2012-003293 // PACKETSTORM: 114935 // CNNVD: CNNVD-201207-419 // NVD: CVE-2012-2961

REFERENCES

url:	http://www.kb.cert.org/vuls/id/108471	Trust: 1.9
url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00	Trust: 1.8
url:	http://www.securityfocus.com/bid/54425	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/77116	Trust: 1.1
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2961	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu108471	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2961	Trust: 0.8
url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120720_00	Trust: 0.7
url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory	Trust: 0.6
url:	http://secunia.com/advisories/50031	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20125	Trust: 0.6
url:	http://www.symantec.com/business/web-gateway	Trust: 0.3
url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00	Trust: 0.1
url:	http://secunia.com/advisories/50031/	Trust: 0.1
url:	http://secunia.com/psi	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50031	Trust: 0.1
url:	http://secunia.com/advisories/50031/#comments	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

CREDITS

Offensive Security

Trust: 0.9

sources: BID: 54425 // CNNVD: CNNVD-201207-419

SOURCES

db:	CERT/CC	id:	VU#108471
db:	CNVD	id:	CNVD-2012-3862
db:	VULHUB	id:	VHN-56242
db:	BID	id:	54425
db:	JVNDB	id:	JVNDB-2012-003293
db:	PACKETSTORM	id:	114935
db:	CNNVD	id:	CNNVD-201207-419
db:	NVD	id:	CVE-2012-2961

LAST UPDATE DATE

2024-11-23T22:08:48.828000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#108471	date:	2018-03-21T00:00:00
db:	CNVD	id:	CNVD-2012-3862	date:	2012-07-24T00:00:00
db:	VULHUB	id:	VHN-56242	date:	2017-12-22T00:00:00
db:	BID	id:	54425	date:	2012-07-24T18:50:00
db:	JVNDB	id:	JVNDB-2012-003293	date:	2012-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201207-419	date:	2012-07-24T00:00:00
db:	NVD	id:	CVE-2012-2961	date:	2024-11-21T01:40:01.683

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#108471	date:	2012-07-24T00:00:00
db:	CNVD	id:	CNVD-2012-3862	date:	2012-07-24T00:00:00
db:	VULHUB	id:	VHN-56242	date:	2012-07-23T00:00:00
db:	BID	id:	54425	date:	2012-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2012-003293	date:	2012-07-25T00:00:00
db:	PACKETSTORM	id:	114935	date:	2012-07-23T01:58:36
db:	CNNVD	id:	CNNVD-201207-419	date:	2012-07-24T00:00:00
db:	NVD	id:	CVE-2012-2961	date:	2012-07-23T17:55:03.593