Description
Symantec Brightmail Gateway Appliance is vulnerable to various Privilege Escalation attacks. When exploited
by an authenticated user, the identified vulnerabilities allows an underprivileged user to access protected user and system information, use
resources requiring administrative privileges for altering appliances settings,
and to gain complete administrative privileges.
By manipulating the value of userID parameter of edit.do resource, an attacker could enumerate all the valid accounts configured for the appliance: url_placeholder/administrator/edit.do?userID=x where x is any
value between 1 and the maximum number of user accounts n. This allows
harvesting user information, such as user name IDs and e-mail addresses. url_placeholder/setup/SiteSetupAppliance$exec.flo?flowId=0
Symantec Brightmail Gateway Appliance 8300 - All versions prior to 8.0.1Symantec Mail Security Appliance 8200/8300 - All versions
Mitigation
Vendor recommends upgrading
to Symantec Brightmail Gateway version 8.0.1 or later.
Alternatively, please contact Symantec for
technical support.
Disclosure Timeline 25 January 2009: Vulnerabilities discovered and documented 28 January 2009: Vendor notified 02 February 2009: Vendor confirmed receiving the original reports 08 February 2009: Vendor confirmed the identified vulnerabilities 23 April 2009: Vendor released patches for reported vulnerabilities 23 February 2010: Current advisory published MVSA-09-001
Dr. Marian
Ventuneac
|