Description

Multiple improper error handling vulnerabilities were identified as affecting Security Console/ Admin Console (build 6_24) and Message Centre II (build 6_24) services. When exploited, such vulnerabilities could lead to disclosing implementation details, such as resource's location on the server's file system, products and API versions, internal code, etc.

An attacker could gather such information and use it for devising further exploits (eg. SQL Injection - see MVSA-10-001 advisory).

By providing malformed values for various parameters, Security Console/Admin Console and Message Centre II services return detailed errors exposing implementation details.

Security Console (Admin Console)

• Manipulation of beg_date and end_date parameters from /exec/adminRep resource allows disclosing the component, location on the server file system, build version, as well as the employed technology (programming language, version).

Message Centre II

• Manipulation of sort_direction parameter from /junk_quarantine/process and /trash/process resources allows identifying the employed database engine, as well as disclosure of SQL source code. 

Affected Versions

Security Console service of Google Message Security SaaS build 6_24 (January 2010).
Message Center II service of Google Message Security SaaS build 6_24 (January 2010).