Lucene search
SAINT CorporationSAINT:7F868BFDE42BF5729DE043D95D215DCBHistoryNov 25, 2013 - 12:00 a.m.
PineApp Mail-SeCure confnetworking.html nsserver command execution
2013-11-2500:00:00
SAINT Corporation
download.saintcorporation.com
41
EPSS
0.004
Percentile
75.1%
Added: 11/25/2013
CVE: CVE-2013-6830
BID: 63817
OSVDB: 100029
Background
PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer’s network, as well as post-perimeter anti-spam content inspection.
Problem
A vulnerability in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands contained in the **nsserver** parameter in a request for the **confnetworking.html** script.
Resolution
Restrict access to ports 7080 and 7443.
References
<http://www.exploit-db.com/exploits/29734/>
Limitations
Exploit requires wget to be installed on the target system.
Platforms
Linux
Related
cvelist
cvelist
CVE-2013-6830
2013-11-20 11:00:00
saint
saint
PineApp Mail-SeCure confnetworking.html nsserver command execution
2013-11-25 00:00:00
PineApp Mail-SeCure confnetworking.html nsserver command execution
2013-11-25 00:00:00
PineApp Mail-SeCure confnetworking.html nsserver command execution
2013-11-25 00:00:00
cve
cve
CVE-2013-6830
2013-11-20 14:12:50
prion
prion
Design/Logic Flaw
2013-11-20 14:12:00
nvd
nvd
CVE-2013-6830
2013-11-20 14:12:50
nessus
nessus
exploitdb
exploitdb
PineApp MailSecure - Remote Command Execution
2013-11-20 00:00:00