HTTP: Symantec Messaging Gateway performRestore Command Injection

A command injection vulnerability has been reported in Symantec Messaging Gateway. A remote attacker can exploit this vulnerability by sending crafted requests to the target server. Successful exploitation results in the execution of arbitrary commands as the administrative user.

Extended Description

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.

Affected Products

Symantec message_gateway

References

BugTraq: 100135

CVE: CVE-2017-6327

URL: https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00 http://seclists.org/fulldisclosure/2017/aug/28

Short Name

HTTP:STC:SYMANTEC-CMD-INJ

Severity

Critical

Recommended

True

Recommended Action

Drop

HTTP: Symantec Messaging Gateway performRestore Command Injection

Extended Description

Affected Products

References

Found a potential security threat?