SAINT Corporation
SAINT:0D475EE538584A09C093C3CE051B9477
Jun 11, 2012 - 12:00 a.m.

Symantec Web Gateway access_log PHP Injection

2012-06-11 00:00:00
SAINT Corporation
www.saintcorporation.com
EPSS: 0.974 (High)
Percentile: 99.9%

Added: 06/11/2012
CVE: CVE-2012-0297
BID: 53444
OSVDB: 82023

Background

Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web.

Problem

Symantec Web Gateway fails to properly sanitize user-supplied input passed to “/spywall/releasenotes.php” via the “relfile” parameter. This can be exploited to execute arbitrary PHP code.
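
A log-review sketch for the issue described above, added here as an example and not part of the SAINT advisory or of Symantec's code: it flags access-log requests to /spywall/releasenotes.php whose relfile value is not a bare file name. The Apache-style log format, the allow-list pattern, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: Apache common/combined log format; only the quoted request line is parsed.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
TARGET_PATH = "/spywall/releasenotes.php"  # script named in the advisory
PARAM = "relfile"                          # parameter named in the advisory
# Assumption: a legitimate value is a bare file name (no separators, no "..").
SAFE_VALUE = re.compile(r"[A-Za-z0-9._-]+")

# Constructed sample lines (documentation addresses, placeholder values).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Jun/2012:10:00:01 +0000] "GET /spywall/releasenotes.php?relfile=notes_5.0.txt HTTP/1.1" 200 512',
    '192.0.2.44 - - [11/Jun/2012:10:02:17 +0000] "GET /spywall/releasenotes.php?relfile=..%2F..%2FPLACEHOLDER HTTP/1.1" 200 90',
    '192.0.2.44 - - [11/Jun/2012:10:02:40 +0000] "GET /spywall/releasenotes.php?relfile=%252e%252e%252fPLACEHOLDER HTTP/1.1" 200 90',
    '192.0.2.10 - - [11/Jun/2012:10:03:00 +0000] "GET /spywall/login.php HTTP/1.1" 200 2048',
]


def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded values are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_relfile(line):
    """Return the decoded relfile value if the line needs review, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if fully_decode(parts.path) != TARGET_PATH:
        return None
    for raw in parse_qs(parts.query, keep_blank_values=True).get(PARAM, []):
        value = fully_decode(raw)  # parse_qs has already decoded one layer
        if not SAFE_VALUE.fullmatch(value) or ".." in value:
            return value
    return None


def review(lines):
    """Return (1-based line number, decoded value) for every flagged line."""
    hits = ((n, suspicious_relfile(l)) for n, l in enumerate(lines, 1))
    return [(n, v) for n, v in hits if v is not None]
```

Only values sent in the query string appear in an access log, so a clean result here does not cover requests that carried relfile in a request body.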

Resolution

Upgrade Symantec Web Gateway to version 5.0.3 or higher.

References

<http://secunia.com/advisories/49216>
<http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00>

Limitations

This exploit has been tested against Symantec Web Gateway 5.0.0.216 and 5.0.2.8.

Platforms

Linux