Symantec Message Filter Multiple Vulnerabilities (SYM12-010)

medium Nessus Plugin ID 59836

Synopsis

A web management interface hosted on the remote web server has multiple vulnerabilities.

Description

The version of Brightmail Control Center (the web management interface for Symantec Message Filter) hosted on the remote web server has the following vulnerabilities:

- Multiple information disclosure vulnerabilities. (CVE-2012-0300)

- Session fixation. (CVE-2012-0301)

- Unspecified cross-site scripting. (CVE-2012-0302)

- Unspecified cross-site request forgery. (CVE-2012-0303)

Solution

Upgrade to Symantec Message Filter 6.3 and apply patch smf_630_p231.

This patch is the last security update that will be provided for Symantec Message Filter as the software is no longer supported. Consider migrating to a different product.

See Also

https://seclists.org/bugtraq/2012/Jul/12

http://www.nessus.org/u?db46dd92

http://www.nessus.org/u?df589738

Plugin Details

Severity: Medium

ID: 59836

File Name: symantec_message_filter_sym12-010.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 7/3/2012

Updated: 6/5/2024

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:symantec:message_filter

Required KB Items: www/smf_bcc

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 6/26/2012

Vulnerability Publication Date: 6/26/2012

Reference Information

CVE: CVE-2012-0300, CVE-2012-0301, CVE-2012-0302, CVE-2012-0303

BID: 54133, 54134, 54135, 54136

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990