Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Device (Embedded Server/Appliance) > Symantec Web Gateway

Vendors: Symantec

Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords

SecurityTracker Alert ID: 1027289

SecurityTracker URL: http://securitytracker.com/id/1027289

CVE Reference: CVE-2012-2574, CVE-2012-2953, CVE-2012-2957, CVE-2012-2961, CVE-2012-2976, CVE-2012-2977 (Links to External Site)

Date: Jul 23 2012

Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 5.0.x.x

Description: Several vulnerabilities were reported in Symantec Web Gateway. A remote user can execute arbitrary commands on the target system. A remote user can inject SQL commands. A remote user can change a target user's password.

A remote user can send specially crafted data to and execute arbitrary commands on the target system [CVE-2012-2953, CVE-2012-2976].

The software does not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database [CVE-2012-2574, CVE-2012-2961].

A remote user can supply a specially crafted request to include and execute files located on the target system [CVE-2012-2957].

A remote user can supply a specially crafted request to change a target user's password [CVE-2012-2977].

Offensive Security and an anonymous contributor reported these vulnerabilities via US CERT/CC.

Impact: A remote user can execute arbitrary commands on the target system.

A remote user can execute SQL commands on the underlying database.

A remote user can change a target user's password.

Solution: The vendor has issued a fix (database update 5.0.0.438 for version 5.0.3.18).

The vendor's advisory is available at:

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00

Vendor URL: www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00 (Links to External Site)

Cause: Access control error, Input validation error

Underlying OS:

Message History: None.

Source Message Contents

Date: Mon, 23 Jul 2012 21:00:17 +0000
Subject: Symantec Web Gateway


http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00

CVE-2012-2574
Blind SQL injection

CVE-2012-2953
command execution

CVE-2012-2957
local file inclusion

CVE-2012-2961
SQL injection

CVE-2012-2976
shell injection

CVE-2012-2977
unauthorized/unauthenticated password change

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC