Details of VAR-201208-0497

ID

VAR-201208-0497

CVE

CVE-2012-3580

TITLE

Symantec Messaging Gateway In Web Application modification vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2012-003970

DESCRIPTION

Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. Symantec Messaging Gateway (formerly known as Brightmail Gateway Small Business Edition) is an easy-to-use email virus protection hardware that provides accurate and effective anti-spam protection. Symantec Messaging Gateway is prone to a security-bypass vulnerability. Symantec Messaging Gateway 9.5.x versions are vulnerable. Symantec Messaging Gateway is a spam filter that integrates anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies from Symantec. ---------------------------------------------------------------------- The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta ---------------------------------------------------------------------- TITLE: Symantec Messaging Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA50435 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50435/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50435 RELEASE DATE: 2012-08-28 DISCUSS ADVISORY: http://secunia.com/advisories/50435/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50435/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50435 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Symantec Messaging Gateway, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose certain sensitive information and conduct cross-site scripting and request forgery attacks. 1) Certain input passed via web or email content is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session. 2) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. gain administrative access when a logged-in administrative user visits a specially crafted web page. 3) An error within the management interface can be exploited to perform otherwise restricted actions and e.g. modify the underlying web application. 4) The weakness is caused due to the application disclosing detailed component version information. The vulnerabilities are reported in versions 9.5.x and prior. SOLUTION: Upgrade to version 10. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ben Williams, NGS Secure. ORIGINAL ADVISORY: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2012-3580 // JVNDB: JVNDB-2012-003970 // CNVD: CNVD-2012-4494 // BID: 55141 // VULHUB: VHN-56861 // PACKETSTORM: 115966

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2012-4494

AFFECTED PRODUCTS

vendor:	symantec	model:	messaging gateway	scope:	eq	version:	9.5	Trust: 2.5
vendor:	symantec	model:	messaging gateway	scope:	eq	version:	9.5.1	Trust: 2.5
vendor:	symantec	model:	messaging gateway	scope:	eq	version:	9.5.2	Trust: 1.6
vendor:	symantec	model:	messaging gateway	scope:	eq	version:	9.5.3	Trust: 1.6
vendor:	symantec	model:	messaging gateway	scope:	lte	version:	9.5.4	Trust: 1.0
vendor:	symantec	model:	messaging gateway	scope:	lt	version:	10.0	Trust: 0.8
vendor:	symantec	model:	messaging gateway	scope:	eq	version:	9.5.4	Trust: 0.6

sources: CNVD: CNVD-2012-4494 // BID: 55141 // JVNDB: JVNDB-2012-003970 // CNNVD: CNNVD-201208-555 // NVD: CVE-2012-3580

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3580
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3580
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201208-555
value:	HIGH
Trust: 0.6
VULHUB:	VHN-56861
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3580
severity:	HIGH
baseScore:	7.7
vectorString:	AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-56861
severity:	HIGH
baseScore:	7.7
vectorString:	AV:A/AC:L/AU:S/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.1
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-56861 // JVNDB: JVNDB-2012-003970 // CNNVD: CNNVD-201208-555 // NVD: CVE-2012-3580

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-3580

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201208-555

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201208-555

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003970

PATCH

title:	SYM12-013	url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00	Trust: 0.8
title:	SYM12-013	url:	http://www.symantec.com/ja/jp/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20120827_00	Trust: 0.8
title:	Patch for Symantec Messaging Gateway Security Bypass Vulnerability (CNVD-2012-4494)	url:	https://www.cnvd.org.cn/patchInfo/show/20815	Trust: 0.6

sources: CNVD: CNVD-2012-4494 // JVNDB: JVNDB-2012-003970

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3580	Trust: 3.4
db:	BID	id:	55141	Trust: 2.0
db:	JVNDB	id:	JVNDB-2012-003970	Trust: 0.8
db:	CNNVD	id:	CNNVD-201208-555	Trust: 0.7
db:	SECUNIA	id:	50435	Trust: 0.7
db:	CNVD	id:	CNVD-2012-4494	Trust: 0.6
db:	NSFOCUS	id:	20472	Trust: 0.6
db:	VULHUB	id:	VHN-56861	Trust: 0.1
db:	PACKETSTORM	id:	115966	Trust: 0.1

sources: CNVD: CNVD-2012-4494 // VULHUB: VHN-56861 // BID: 55141 // JVNDB: JVNDB-2012-003970 // PACKETSTORM: 115966 // CNNVD: CNNVD-201208-555 // NVD: CVE-2012-3580

REFERENCES

url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00	Trust: 2.0
url:	http://www.securityfocus.com/bid/55141	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/78032	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3580	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3580	Trust: 0.8
url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisoryhttp	Trust: 0.6
url:	http://secunia.com/advisories/50435	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20472	Trust: 0.6
url:	http://www.symantec.com/messaging-gateway	Trust: 0.3
url:	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50435	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/50435/#comments	Trust: 0.1
url:	http://secunia.com/csi6beta	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/50435/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2012-4494 // VULHUB: VHN-56861 // BID: 55141 // JVNDB: JVNDB-2012-003970 // PACKETSTORM: 115966 // CNNVD: CNNVD-201208-555 // NVD: CVE-2012-3580

CREDITS

Ben Williams

Trust: 0.9

sources: BID: 55141 // CNNVD: CNNVD-201208-555

SOURCES

db:	CNVD	id:	CNVD-2012-4494
db:	VULHUB	id:	VHN-56861
db:	BID	id:	55141
db:	JVNDB	id:	JVNDB-2012-003970
db:	PACKETSTORM	id:	115966
db:	CNNVD	id:	CNNVD-201208-555
db:	NVD	id:	CVE-2012-3580

LAST UPDATE DATE

2024-11-23T22:23:22.821000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-4494	date:	2012-08-29T00:00:00
db:	VULHUB	id:	VHN-56861	date:	2017-08-29T00:00:00
db:	BID	id:	55141	date:	2012-08-27T00:00:00
db:	JVNDB	id:	JVNDB-2012-003970	date:	2012-08-30T00:00:00
db:	CNNVD	id:	CNNVD-201208-555	date:	2012-08-30T00:00:00
db:	NVD	id:	CVE-2012-3580	date:	2024-11-21T01:41:11.100

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2012-4494	date:	2012-08-29T00:00:00
db:	VULHUB	id:	VHN-56861	date:	2012-08-29T00:00:00
db:	BID	id:	55141	date:	2012-08-27T00:00:00
db:	JVNDB	id:	JVNDB-2012-003970	date:	2012-08-30T00:00:00
db:	PACKETSTORM	id:	115966	date:	2012-08-28T06:01:36
db:	CNNVD	id:	CNNVD-201208-555	date:	2012-08-29T00:00:00
db:	NVD	id:	CVE-2012-3580	date:	2012-08-29T10:56:40.190