PineApp Mail-SeCure ldapsyncnow.php command injection

2013-08-14T00:00:00
ID SAINT:31FAB4F5EB269F3DE391726D71528B83
Type saint
Reporter SAINT Corporation
Modified 2013-08-14T00:00:00

Description

Added: 08/14/2013
BID: 61474
OSVDB: 95781

Background

PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection.

Problem

A vulnerability in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands contained in the **shell_command** parameter in a request for the **ldapsyncnow.php** script.

Resolution

Restrict access to ports 7080 and 7443.

References

<http://www.zerodayinitiative.com/advisories/ZDI-13-185/>

Limitations

Exploit works on PineApp Mail-SeCure 3.70 running on PineApp Linux 3.0.53.

Platforms

Linux