Symantec Web Gateway < 5.1.1 Multiple Vulnerabilities (SYM13-008)

high Nessus Network Monitor Plugin ID 6966

Synopsis

The web security application running on the remote web server has multiple vulnerabilities.

Description

The remote web server is hosting the Symantec Web Gateway application. Versions of Symantec Web Gateway 5.1.x are potentially affected by the following vulnerabilities:

- Multiple cross-site scripting vulnerabilities exist. (CVE-2013-4670)

- It is possible to inject arbitrary operating system commands via the 'nameConfig.php' and 'networkConfig.php' scripts. (CVE-2013-1616)

- A misconfiguration in the '/etc/sudoers' file allows the users 'apache' and 'admin' to run several commands with root privileges. (CVE-2013-4672)

- Multiple SQL injection vulnerabilities exist. (CVE-2013-1617)

- A cross-site request forgery vulnerability exists in the 'ldapConfig.php' script. (CVE-2013-4671)

Solution

Upgrade to Symantec Web Gateway version 5.1.1 or later.

See Also

http://www.nessus.org/u?1fd5baa6

http://www.nessus.org/u?d2a4b289

http://archives.neohapsis.com/archives/bugtraq/2013-07/0178.html

Plugin Details

Severity: High

ID: 6966

Family: CGI

Published: 8/6/2013

Updated: 3/6/2019

Nessus ID: 69179

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.9

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:symantec:web_gateway

Patch Publication Date: 7/25/2013

Vulnerability Publication Date: 7/25/2013

Reference Information

CVE: CVE-2013-1616, CVE-2013-1617, CVE-2013-4670, CVE-2013-4671, CVE-2013-4672, CVE-2013-4673

BID: 61105, 61104, 61103, 61102, 61101, 61106