Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers

No description provided by source. Exploit Title: Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers Date: Jul 23 2012 Author: muts Version: Symantec Web Gateway 5.0.3.18 Vendor URL: http://www.symantec.com Timeline: 12 Jun 2012: Vulnerability reported to CERT 22 Jun 2012:...

Symantec Web Gateway 5.0.3.18 - Arbitrary Password Change (Metasploit)

@Kc57 Symantec Web Gateway "Symantec Web Gateway %q This module will change the password for the specified account on a Symantec Web Gatewaye server. , 'License' = MSFLICENSE, 'Version' = "$Revision: 0 $", 'Author' = 'Kc57', , 'References' = 'CVE', '2012-2977' , 'OSVDB', '0' , 'BID', '54430' ,...

Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution

!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI vulnerability. Timeline: 06 Jun 2012:...

Symantec Web Gateway Multiple Vulnerabilities

Symantec Web Gateway is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:symantec:webgateway";...