Symantec Messaging Gateway Default SSH Password (CVE-2012-3579)

A design weakness vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to hardcoded default credentials usage. A remote attacker could exploit this vulnerability by logging-in to the administration console, thus gaining partial access to the configuration of the...

Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...

Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...

Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...

Symantec Messaging Gateway 9.5.x Multiple Vulnerabilities (SYM12-013)

According to its self-reported version number, the version of Symantec Messaging Gateway running on the remote host is 9.5.x and has the following vulnerabilities : - Multiple XSS vulnerabilities exist. CVE-2012-0307 - Lack of password protection on sensitive functions as well as of CSRF protecti...

Symantec Messaging Gateway 9.5 Default SSH Password

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Symantec Messaging Gateway 9.5 Default SSH Password

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'net/ssh' class Metasploit3...

Symantec Messaging Gateway 9.5 Default SSH Password Vulnerability

This module exploits a default misconfiguration flaw on Symantec Messaging Gateway. The 'support' user has a known default password, which can be used to login to the SSH service, and gain privileged access from remote. This module requires Metasploit: https://metasploit.com/download Current...

CVE-2012-3579

creationtimestamp| type| source ---|---|--- 2012-08-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/21136 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/symantecsmgssh.rb 2025-02-06 03:13:40+00:00| seen|...

CVE-2012-3579

Symantec Messaging Gateway (SMG) versions before 10.0 are vulnerable to CVE-2012-3579 due to a hardcoded default SSH password on the support account, enabling remote login and privileged access via SSH. The issue is documented across multiple sources (SAINT advisories and OpenVAS/Nessus reference...