VAR-201212-0025
Vulnerability from variot - Updated: 2023-12-18 14:06Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do. (1) brightmail/export of .. An attacker can exploit these issues to download arbitrary files within the context of the web server process. Information obtained may aid in further attacks. Symantec Messaging Gateway 9.5.x versions are vulnerable. Symantec Messaging Gateway is a spam filter that integrates anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies from Symantec. By (1) adding .. to the localBackupFileSelection parameter in the APPLIANCE restoreSource operation and sending it to brightmail/admin/restore/download.do, remote attackers use The vulnerability reads arbitrary files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201212-0025",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "messaging gateway",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "9.5.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "9.5.3"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "9.5.4"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "9.5.2"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "9.5 and 9.5.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.3-3"
}
],
"sources": [
{
"db": "BID",
"id": "56789"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:messaging_gateway:9.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:messaging_gateway:9.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:messaging_gateway:9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:messaging_gateway:9.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:messaging_gateway:9.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4347"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ben Williams",
"sources": [
{
"db": "BID",
"id": "56789"
}
],
"trust": 0.3
},
"cve": "CVE-2012-4347",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-4347",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-57628",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4347",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201212-068",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-57628",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57628"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do. (1) brightmail/export of .. \nAn attacker can exploit these issues to download arbitrary files within the context of the web server process. Information obtained may aid in further attacks. \nSymantec Messaging Gateway 9.5.x versions are vulnerable. Symantec Messaging Gateway is a spam filter that integrates anti-spam, anti-virus, advanced content filtering and data leakage prevention technologies from Symantec. By (1) adding .. to the localBackupFileSelection parameter in the APPLIANCE restoreSource operation and sending it to brightmail/admin/restore/download.do, remote attackers use The vulnerability reads arbitrary files",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "BID",
"id": "56789"
},
{
"db": "VULHUB",
"id": "VHN-57628"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-57628",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57628"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4347",
"trust": 2.8
},
{
"db": "BID",
"id": "56789",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201212-068",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "23110",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76888",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-57628",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57628"
},
{
"db": "BID",
"id": "56789"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"id": "VAR-201212-0025",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-57628"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:06:16.853000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Symantec Messaging Gateway powered by Brightmail",
"trust": 0.8,
"url": "http://www.cybernet.co.jp/symantec/products/msg/smg.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57628"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "NVD",
"id": "CVE-2012-4347"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/56789"
},
{
"trust": 1.3,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120827_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4347"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4347"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/messaging-gateway"
},
{
"trust": 0.3,
"url": "http://www.nccgroup.com/en/learning-research-centre/security-testing-audit-compliance-resources/technical-advisories/symantec-messaging-gateway-arbitrary-file-download-is-possible-with-a-crafted-url/#"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=2012\u0026amp;suid=20120827_00"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57628"
},
{
"db": "BID",
"id": "56789"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-57628"
},
{
"db": "BID",
"id": "56789"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-05T00:00:00",
"db": "VULHUB",
"id": "VHN-57628"
},
{
"date": "2012-12-01T00:00:00",
"db": "BID",
"id": "56789"
},
{
"date": "2012-12-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"date": "2012-12-05T11:57:14.850000",
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"date": "2012-12-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-57628"
},
{
"date": "2012-12-01T00:00:00",
"db": "BID",
"id": "56789"
},
{
"date": "2012-12-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005666"
},
{
"date": "2013-10-11T13:18:21.300000",
"db": "NVD",
"id": "CVE-2012-4347"
},
{
"date": "2012-12-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Messaging Gateway Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005666"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201212-068"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…