Page 7 of 62 results (0.012 seconds)

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper Sudo configuration to make this a setuid-root file. Vulnerabilidad en admin_messages.php en la consola de gestión en Symantec Web Gateway (SWG) en dispositivos con software en versiones anteriores a 5.2.2 DB 5.0.0.1277, permite a usuarios remotos autenticados ejecutar código arbitrario subiendo un archivo con una extensión segura y tipo de contenido, aprovechando entonces una configuración de Sudo incorrecta para hacer de esto un archivo setuid-root. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is required to exploit this vulnerability, however it can be bypassed via reflected cross-site scripting. The specific flaw exists within the admin_messages.php file which relies on mimetypes and file extensions to block potentially dangerous file uploads. An attacker can exploit this condition to upload arbitrary files as the apache user. • http://www.securityfocus.com/bid/76726 http://www.securitytracker.com/id/1033625 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00 http://www.zerodayinitiative.com/advisories/ZDI-15-443 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture." Vulnerabilidad en la consola de gestión en Symantec Web Gateway (SWG) en dispositivos con software en versiones anteriores a 5.2.2 DB 5.0.0.1277, permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de vectores relacionados con la 'captura de tráfico'. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the path processing for command URLs accessed through the management port of the gateway. A crafted URL can cause the Web Gateway to execute a command that should not be available externally. • http://www.securityfocus.com/bid/76731 http://www.securitytracker.com/id/1033625 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00 http://www.zerodayinitiative.com/advisories/ZDI-15-444 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.5EPSS: 72%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against admin_messages.php. Múltiples vulnerabilidades de XSS en scripts PHP en la consola de gestión en Symantec Web Gateway (SWG) en dispositivos con software en versiones anteriores a 5.2.2 DB 5.0.0.1277, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados, según lo demostrado en un ataque contra admin_messages.php. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is required to exploit this vulnerability, however it can be bypassed via reflected cross-site scripting. The specific flaw exists within the admin_messages.php file which relies on mimetypes and file extensions to block potentially dangerous file uploads. An attacker can exploit this condition to upload arbitrary files as the apache user. • http://www.securityfocus.com/bid/76728 http://www.securitytracker.com/id/1033625 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150916_00 http://www.zerodayinitiative.com/advisories/ZDI-15-443 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 47%CPEs: 1EXPL: 2

The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts. La consola de gestión de en el dispositivo Symantec Web Gateway (SWG) anterior a 5.2.2 permite a usuarios remotos autenticados ejecutar comandos del sistema operativo arbitrarios mediante la inyección de cadenas de comandos en secuencias de comandos PHP no especificadas. Symantec Web Gateway versions 5.2.1 and below suffer from a remote OS command injection vulnerability. • https://www.exploit-db.com/exploits/36263 http://karmainsecurity.com/KIS-2014-19 http://osvdb.org/show/osvdb/116009 http://packetstormsecurity.com/files/130612/Symantec-Web-Gateway-5-restore.php-Command-Injection.html http://www.exploit-db.com/exploits/36263 http://www.securityfocus.com/bid/71620 http://www.securitytracker.com/id/1031386 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141216_00 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

The Accounts tab in the administrative user interface in McAfee Web Gateway (MWG) before 7.3.2.9 and 7.4.x before 7.4.2 allows remote authenticated users to obtain the hashed user passwords via unspecified vectors. La pestaña Accounts en la interfaz de usuario de administración en McAfee Web Gateway (MWG) anterior a 7.3.2.9 y 7.4.x anterior a 7.4.2 permite a usuarios remotos autenticados obtener las contraseñas de usuarios en hash a través de vectores no especificados. • http://www.securitytracker.com/id/1030675 https://exchange.xforce.ibmcloud.com/vulnerabilities/95690 https://kc.mcafee.com/corporate/index?page=content&id=SB10080 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •