CVE-2012-0299 – Symantec Web Gateway upload_file Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0299
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors. Los programas de gestión de ficheros en el GUI en Symantec Web Gateway v5.0.x anteriores a v5.0.3 permite a atacantes remotos subir código a un path concreto, y posiblemente ejecutar este código, a través de vectores no determinados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while preserving the file extension. This allows users to upload additional script files that can be used to execute remote code from user supplied commands under the context of the webserver. • https://www.exploit-db.com/exploits/19038 http://www.securityfocus.com/bid/53443 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/75730 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0298 – symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0298
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors. Los scripts de gestión de archivos de la GUI de gestión de Symantec Web Gateway 5.0.x anteriores a 5.0.3 permite a atacantes remotos (1) leer o (2) borrar archivos arbitrarios a través de vectores sin especificar. Symantec Web Gateway version 5.0.2.8 suffers from local file inclusion, remote command execution, and arbitrary file deletion vulnerabilities. • https://www.exploit-db.com/exploits/19406 http://www.securityfocus.com/bid/53442 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/75732 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0297 – Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0297
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data. La interfaz de gestión en Symantec Web Gateway v5.0.x anteriores a v5.0.3 no restringe adecuadamente el acceso a los scripts de aplicaciones, lo que permite a atacantes remotos ejecutar código de su elección mediante (1) inyección de datos manipulados o (2) inclusión de datos manipulados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficiently filtered user-supplied data used in a call to exec() in multiple script pages. The affected scripts are located in '/spywall/ipchange.php' and 'network.php'. • https://www.exploit-db.com/exploits/18942 https://www.exploit-db.com/exploits/19406 https://www.exploit-db.com/exploits/18932 https://www.exploit-db.com/exploits/19065 http://www.securityfocus.com/bid/53444 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/75731 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-0296
https://notcve.org/view.php?id=CVE-2012-0296
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en la gestión del GUI en Symantec Web Gateway v5.0.x anteriores a v5.0.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través vectores no especificados. • http://www.securityfocus.com/bid/53396 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-2212 – McAfee Web Gateway And Squid Proxy 3.1.19 Bypass
https://notcve.org/view.php?id=CVE-2012-2212
McAfee Web Gateway 7.0 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher did not provide configuration details for the vulnerable system, and the observed behavior might be consistent with a configuration that was (perhaps inadvertently) designed to allow access based on Host HTTP headers ** CONTROVERTIDO ** McAfee Web Gateway v7.0 permite a atacantes remotos evitar la configuración de acceso para el método CONNECT, proporcionando un nombre de host arbitraria en la cabecera 'Host HTTP'. NOTA: este problema no puede ser reproducible, porque el investigador no proporcionó detalles de la configuración para el sistema vulnerable, y el comportamiento observado podría ser compatible con una configuración que fue (tal vez sin darse cuenta) diseñada para permitir el acceso basado en cabeceras 'Host HTTP'. • http://archives.neohapsis.com/archives/bugtraq/2012-04/0118.html http://archives.neohapsis.com/archives/bugtraq/2012-04/0164.html http://archives.neohapsis.com/archives/bugtraq/2012-04/0189.html • CWE-264: Permissions, Privileges, and Access Controls •