Symantec Web Gateway < 5.1.1 Multiple Vulnerabilities (SYM13-008)

high Nessus Plugin ID 69179

Synopsis

A web security application hosted on the remote web server has multiple vulnerabilities.

Description

According to its self-reported version number, the remote web server is hosting Symantec Web Gateway before version 5.1.1, which has the following vulnerabilities :

- Multiple cross-site scripting vulnerabilities exist.
(CVE-2013-4670)

- It is possible to inject arbitrary operating system commands via the 'nameConfig.php' and 'networkConfig.php' scripts. (CVE-2013-1616)

- A misconfiguration in the '/etc/sudoers' file allows the user's 'apache' and 'admin' to run several commands with root privileges. (CVE-2013-4672)

- Multiple SQL injection vulnerabilities exist.
(CVE-2013-1617)

- A cross-site request forgery vulnerability exists in the 'ldapConfig.php' script. (CVE-2013-4671)

Solution

Upgrade to Symantec Web Gateway version 5.1.1 or later.

See Also

http://www.nessus.org/u?ccaf082c

http://www.nessus.org/u?d2a4b289

https://seclists.org/bugtraq/2013/Jul/177

Plugin Details

Severity: High

ID: 69179

File Name: symantec_web_gateway_sym13-008.nasl

Version: 1.11

Type: remote

Family: CGI abuses

Published: 8/1/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:symantec:web_gateway

Required KB Items: www/symantec_web_gateway

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 7/25/2013

Vulnerability Publication Date: 7/25/2013

Reference Information

CVE: CVE-2013-1616, CVE-2013-1617, CVE-2013-4670, CVE-2013-4671, CVE-2013-4672, CVE-2013-4673

BID: 61105, 61106, 61101, 61102, 61103, 61104

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990