CVE-2010-0115 – Symantec Web Gateway Management Interface USERNAME Blind SQL Injection Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0115

SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter. Una vulnerabilidad de inyección SQL en login.php en la GUI de administración de la consola de Symantec Web Gateway 4.5 antes de v4.5.0.376 permite a atacantes remotos ejecutar comandos SQL a través del parámetro USERNAME. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the management interface which listens by default on TCP port 443. While parsing requests sent to the login.php page, the process does not properly sanitize the USERNAME POST parameter. • http://osvdb.org/70415 http://secunia.com/advisories/42878 http://www.securityfocus.com/bid/45742 http://www.securitytracker.com/id?1024958 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110112_00 http://www.vupen.com/english/advisories/2011/0088 http://www.zerodayinitiative.com/advisories/ZDI-11-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/64658 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •