Brightmail AntiSpam bmagent Multiple Remote Vulnerabilities (DoS, Traversal)

high Nessus Plugin ID 22158

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

The remote host is running Brightmail AntiSpam, an antispam and anti- virus filter for mail servers, and includes Brightmail Agent, a web server intended to be used by a Brightmail Control Center to manage the Brightmail Scanner.

The version of Brightmail Agent installed on the remote host does not require authentication and thus allows attackers to gain administrative control of the affected application. An attacker can exploit this issue to stop or disable the Brightmail Scanner's services, which could disrupt mail delivery for legitimate users; or to read and write to files associated with the application, which could result in the disclosure of sensitive information or reconfiguration of the application itself.

In addition, the Brightmail Agent suffers from a directory traversal vulnerability such that reads and writes are not limited to the application's directory. Successful exploitation of this issue may result in a complete compromise of the affected host since, under Windows, the application runs with LOCAL SYSTEM privileges.

Solution

Either restrict access to Brightmail Agent (refer to document id 2004123109522163 in Symantec's Support Knowledge Base) or upgrade to Symantec Brightmail AntiSpam 6.0.4 / Symantec Mail Security for SMTP 5.0 or later.

See Also

http://www.nessus.org/u?e069763f

Plugin Details

Severity: High

ID: 22158

File Name: brightmail_bmagent_mult_vulns.nasl

Version: 1.22

Type: remote

Published: 8/4/2006

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 7/27/2006

Reference Information

CVE: CVE-2006-4013, CVE-2006-4014

BID: 19182

CWE: 22