| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
| The vulnerability of the McAfee Email Gateway software allows a hacker to inject arbitrary Web or HTML code. | 19 Apr 201600:00 | – | bdu_fstec | |
| McAfee Email Gateway Cross-Site Scripting Vulnerability (CNVD-2016-02066) | 7 Apr 201600:00 | – | cnvd | |
| CVE-2016-3969 | 6 Apr 201618:00 | – | cve | |
| CVE-2016-3969 | 6 Apr 201618:00 | – | cvelist | |
| EUVD-2016-4978 | 7 Oct 202500:30 | – | euvd | |
| CVE-2016-3969 | 6 Apr 201618:59 | – | nvd | |
| McAfee Email Gateway XSS Vulnerability (SB10153) | 8 Apr 201600:00 | – | openvas | |
| CVE-2016-3969 | 6 Apr 201618:59 | – | osv | |
| Cross site scripting | 6 Apr 201618:59 | – | prion |
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(90835);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/09/18");
script_cve_id("CVE-2016-3969");
script_xref(name:"MCAFEE-SB", value:"SB10153");
script_xref(name:"IAVA", value:"2016-A-0117-S");
script_name(english:"McAfee Email Gateway 7.6.x < 7.6.404 Blocked Email Alert XSS (SB10153)");
script_summary(english:"Checks the MEG version.");
script_set_attribute(attribute:"synopsis", value:
"The application installed on the remote host is affected by a
cross-site scripting vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of McAfee Email Gateway (MEG) installed on the remote host
is 7.6.x prior to 7.6.404. It is, therefore, affected by a cross-site
scripting (XSS) vulnerability that is triggered when File Filtering is
enabled with the action set to 'ESERVICES:REPLACE'. This is due to a
failure to validate input passed via alerts for blocked email
attachments; attachments are displayed 'as is' without the XML or
HTML content being properly escaped. An unauthenticated, remote
attacker can exploit this, via a crafted email attachment, to execute
arbitrary script code in a user's browser session.");
script_set_attribute(attribute:"see_also", value:"https://kc.mcafee.com/corporate/index?page=content&id=SB10153");
script_set_attribute(attribute:"solution", value:
"Upgrade to McAfee Email Gateway version 7.6.404 as referenced in the
vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-3969");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/30");
script_set_attribute(attribute:"patch_publication_date", value:"2016/03/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mcafee:email_gateway");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses : XSS");
script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mcafee_email_gateway_version.nbin");
script_require_keys("Host/McAfeeSMG/name", "Host/McAfeeSMG/version", "Host/McAfeeSMG/patches", "Settings/ParanoidReport");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
if (report_paranoia < 2) audit(AUDIT_PARANOID);
app_name = get_kb_item_or_exit("Host/McAfeeSMG/name");
version = get_kb_item_or_exit("Host/McAfeeSMG/version");
patches = get_kb_item_or_exit("Host/McAfeeSMG/patches");
if (version =~ "^7\.6")
{
hotfix = "7.6.404-3328.101";
}
else
{
audit(AUDIT_INST_VER_NOT_VULN, app_name, version);
}
if (
hotfix >!< patches
)
{
port = 0;
report = '\n' + app_name + ' ' + version + ' is missing patch ' + hotfix + '.\n';
security_report_v4(severity:SECURITY_WARNING, extra:report, port:port, xss:TRUE);
exit(0);
}
else audit(AUDIT_PATCH_INSTALLED, hotfix, app_name, version);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation