ID

VAR-201208-0496


CVE

CVE-2012-3579


TITLE

Symantec Messaging Gateway SSH default password security bypass vulnerability

Trust: 1.5

sources: CNVD: CNVD-2012-4498 // BID: 55143 // CNNVD: CNNVD-201208-553

DESCRIPTION

Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session. Symantec Messaging Gateway (formerly known as Brightmail Gateway Small Business Edition) is easy-to-use email virus protection hardware that provides accurate and effective anti-spam protection. The vulnerability allows non-privileged users to gain privileged access to the application. Successful attacks can allow an attacker to obtain sensitive information, bypass certain security restrictions, and perform unauthorized administrative actions. Symantec Messaging Gateway is a spam filter that integrates anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies from Symantec.

----------------------------------------------------------------------

TITLE: Symantec Messaging Gateway Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA50435

VERIFY ADVISORY: http://secunia.com/advisories/50435/

RELEASE DATE: 2012-08-28

DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Symantec Messaging Gateway, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose certain sensitive information and conduct cross-site scripting and request forgery attacks.

1) Certain input passed via web or email content is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session.

2) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. gain administrative access when a logged-in administrative user visits a specially crafted web page.

3) An error within the management interface can be exploited to perform otherwise restricted actions and e.g. modify the underlying web application.

4) The weakness is caused due to the application disclosing detailed component version information.

The vulnerabilities are reported in versions 9.5.x and prior.

SOLUTION: Upgrade to version 10.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Ben Williams, NGS Secure.

ORIGINAL ADVISORY: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00

Trust: 2.61

sources: NVD: CVE-2012-3579 // JVNDB: JVNDB-2012-003969 // CNVD: CNVD-2012-4498 // BID: 55143 // VULHUB: VHN-56860 // PACKETSTORM: 115966

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-4498

AFFECTED PRODUCTS

vendor: symantec, model: messaging gateway, scope: eq, version: 9.5

Trust: 2.5

vendor: symantec, model: messaging gateway, scope: eq, version: 9.5.1

Trust: 2.5

vendor: symantec, model: messaging gateway, scope: eq, version: 9.5.2

Trust: 1.6

vendor: symantec, model: messaging gateway, scope: eq, version: 9.5.3

Trust: 1.6

vendor: symantec, model: messaging gateway, scope: lte, version: 9.5.4

Trust: 1.0

vendor: symantec, model: messaging gateway, scope: lt, version: 10.0

Trust: 0.8

vendor: symantec, model: messaging gateway, scope: eq, version: 9.5.4

Trust: 0.6

sources: CNVD: CNVD-2012-4498 // BID: 55143 // JVNDB: JVNDB-2012-003969 // CNNVD: CNNVD-201208-553 // NVD: CVE-2012-3579

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-3579
value: HIGH

Trust: 1.0

NVD: CVE-2012-3579
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201208-553
value: HIGH

Trust: 0.6

VULHUB: VHN-56860
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-3579
severity: HIGH
baseScore: 7.9
vectorString: AV:A/AC:M/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-56860
severity: HIGH
baseScore: 7.9
vectorString: AV:A/AC:M/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-56860 // JVNDB: JVNDB-2012-003969 // CNNVD: CNNVD-201208-553 // NVD: CVE-2012-3579

PROBLEMTYPE DATA

problemtype: CWE-264

Trust: 1.9

sources: VULHUB: VHN-56860 // JVNDB: JVNDB-2012-003969 // NVD: CVE-2012-3579

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201208-553

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201208-553

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003969

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-56860

PATCH

title: SYM12-013, url: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00

Trust: 0.8

title: SYM12-013, url: http://www.symantec.com/ja/jp/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20120827_00

Trust: 0.8

title: Symantec Messaging Gateway SSH default password security bypass vulnerability patch, url: https://www.cnvd.org.cn/patchInfo/show/20831

Trust: 0.6

sources: CNVD: CNVD-2012-4498 // JVNDB: JVNDB-2012-003969

EXTERNAL IDS

db: NVD, id: CVE-2012-3579

Trust: 3.4

db: BID, id: 55143

Trust: 2.0

db: PACKETSTORM, id: 116277

Trust: 1.1

db: JVNDB, id: JVNDB-2012-003969

Trust: 0.8

db: CNNVD, id: CNNVD-201208-553

Trust: 0.7

db: SECUNIA, id: 50435

Trust: 0.7

db: CNVD, id: CNVD-2012-4498

Trust: 0.6

db: NSFOCUS, id: 20470

Trust: 0.6

db: SEEBUG, id: SSVID-74975

Trust: 0.1

db: EXPLOIT-DB, id: 21136

Trust: 0.1

db: VULHUB, id: VHN-56860

Trust: 0.1

db: PACKETSTORM, id: 115966

Trust: 0.1

sources: CNVD: CNVD-2012-4498 // VULHUB: VHN-56860 // BID: 55143 // JVNDB: JVNDB-2012-003969 // PACKETSTORM: 115966 // CNNVD: CNNVD-201208-553 // NVD: CVE-2012-3579

REFERENCES

url:http://www.securityfocus.com/bid/55143

Trust: 1.7

url:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00

Trust: 1.7

url:http://packetstormsecurity.com/files/116277/symantec-messaging-gateway-9.5-default-ssh-password.html

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/78034

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3579

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3579

Trust: 0.8

url:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisoryhttp

Trust: 0.6

url:http://secunia.com/advisories/50435

Trust: 0.6

url:http://www.nsfocus.net/vulndb/20470

Trust: 0.6

url:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=50435

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/50435/#comments

Trust: 0.1

url:http://secunia.com/csi6beta

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/50435/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2012-4498 // VULHUB: VHN-56860 // JVNDB: JVNDB-2012-003969 // PACKETSTORM: 115966 // CNNVD: CNNVD-201208-553 // NVD: CVE-2012-3579

CREDITS

Florian Lukavsky with SEC Consulting

Trust: 0.6

sources: CNNVD: CNNVD-201208-553

SOURCES

db: CNVD, id: CNVD-2012-4498
db: VULHUB, id: VHN-56860
db: BID, id: 55143
db: JVNDB, id: JVNDB-2012-003969
db: PACKETSTORM, id: 115966
db: CNNVD, id: CNNVD-201208-553
db: NVD, id: CVE-2012-3579

LAST UPDATE DATE

2024-11-23T22:23:22.861000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2012-4498, date: 2012-08-29T00:00:00
db: VULHUB, id: VHN-56860, date: 2017-08-29T00:00:00
db: BID, id: 55143, date: 2012-09-07T11:10:00
db: JVNDB, id: JVNDB-2012-003969, date: 2012-08-30T00:00:00
db: CNNVD, id: CNNVD-201208-553, date: 2012-08-29T00:00:00
db: NVD, id: CVE-2012-3579, date: 2024-11-21T01:41:10.963

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2012-4498, date: 2012-08-29T00:00:00
db: VULHUB, id: VHN-56860, date: 2012-08-29T00:00:00
db: BID, id: 55143, date: 2012-08-27T00:00:00
db: JVNDB, id: JVNDB-2012-003969, date: 2012-08-30T00:00:00
db: PACKETSTORM, id: 115966, date: 2012-08-28T06:01:36
db: CNNVD, id: CNNVD-201208-553, date: 2012-08-29T00:00:00
db: NVD, id: CVE-2012-3579, date: 2012-08-29T10:56:40.143