APP: Symantec Messaging Gateway Directory Traversal
This signature detects attempts to exploit a known vulnerability in the Symantec Messaging Gateway. It is due to insufficient input validation. By sending crafted requests, a remote, authenticated attacker can exploit this vulnerability to disclose sensitive information on the server.
Extended Description
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do.
Affected Products
Symantec messaging_gateway
Short Name
APP:SYMC:MESSAGING-DIR-TRAV
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2012-4347 Directory Gateway Messaging Symantec Traversal bid:56789
Release Date
01/09/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Symantec
CVSS Score
5.0