Symantec LiveUpdate Administrator < 2.3 CSRF (SYM11-005)

Severity: Medium | Nessus Plugin ID 53209

Synopsis

A web application on the remote host has a cross-site request forgery vulnerability.

Description

The version of LiveUpdate Administrator running on the remote host is earlier than 2.3. Such versions have a cross-site request forgery (CSRF) vulnerability. Failed login attempts are logged and can be viewed from the web console. The usernames from these failed attempts are not sanitized before they are displayed in the log, which could result in a cross-site request forgery attack.

A remote attacker could exploit this by attempting to log in with a maliciously crafted username, resulting in arbitrary script execution the next time an admin user views the Event Log.

Solution

Upgrade to LiveUpdate Administrator 2.3 or later.

See Also

http://sotiriu.de/adv/NSOADV-2011-001.txt

http://www.nessus.org/u?8e61aa52

Plugin Details

Severity: Medium

ID: 53209

File Name: symantec_lua_2_3.nasl

Version: 1.17

Type: remote

Family: CGI abuses

Published: 3/29/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:symantec:liveupdate_administrator

Required KB Items: www/symantec_lua

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 3/21/2011

Vulnerability Publication Date: 3/21/2011

Reference Information

CVE: CVE-2011-0545, CVE-2011-1524

BID: 46856

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990