Symantec Reporting Server < 1.0.224.0 Multiple Vulnerabilities

high Nessus Plugin ID 25458

Synopsis

The remote web server contains a PHP application that is affected by several issues.

Description

The remote host is running Symantec Reporting Server, a web-based tool for creating reports about Symantec enterprise antivirus products.

The version of Symantec Reporting Server installed on the remote host allows a remote attacker to bypass authentication to various scripts and gain access to the application.

Additionally, it reportedly allows a user to create a malicious executable in the process of exporting data. This could, in turn, be executed in the context of the web server user, and may display the administrator's hashed password after failed login attempts, which might allow an attacker to gain control of the affected application.

Solution

Upgrade to Symantec Reporting Server version 1.0.224.0 or later.

See Also

https://support.symantec.com/en_US/article.SYMSA1123.html

https://support.symantec.com/en_US/article.SYMSA1122.html

Plugin Details

Severity: High

ID: 25458

File Name: symantec_reporting_server_1_0_224.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 6/8/2007

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:symantec:norton_antivirus, cpe:/a:symantec:client_security, cpe:/a:symantec:reporting_server

Required KB Items: www/PHP

Exploit Ease: No exploit is required

Patch Publication Date: 6/5/2007

Vulnerability Publication Date: 6/5/2007

Reference Information

CVE: CVE-2007-3021, CVE-2007-3022, CVE-2007-3095

BID: 24312, 24313, 24325