Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-1380
HistorySep 27, 2016 - 8:00 a.m.

Symantec Messaging Gateway Security Update

2016-09-2708:00:00
Symantec Security Response
14

0.962 High

EPSS

Percentile

99.5%

JSON

SUMMARY

Symantec has addressed a directory traversal issue in Symantec Messaging Gateway caused by insufficient sanitization of user-supplied input. This issue could allow unauthorized access to files or directories.

AFFECTED PRODUCTS

Symantec Messaging Gateway (SMG)

CVE

|

Affected Version(s)

|

Remediation

CVE-2016-5312

|

Prior to 10.6.2

|

Upgrade to 10.6.2

ISSUES

CVE-2016-5312

Severity/CVSSv3:

|

Medium / 4.1 AV:A/AC: L/PR:L/UI:N/S:C/C:L/I:N/A:N

References:

Impact:

|

Securityfocus: BID 93148 / NVD: CVE-2016-5312

Directory traversal

Description:

|

A charting component in the Symantec Messaging Gateway control center does not properly sanitize user input submitted for charting requests. This could potentially result in an authorized but less privileged user gaining access to paths outside the authorized directory. This could potentially provide read access to some files/directories on the server for which the user is not authorized.

MITIGATION

The listening port for Symantec Messaging Gateway Control Center should not be accessible outside of the authorized network. Restrict access to the Symantec Messaging Gateway Center to network-authorized, control center privileged users only.

Best Practices

Symantec recommends the following measures to reduce risk of attack:

  • Restrict access to administrative or management systems to authorized privileged users.
  • Restrict remote access to trusted/authorized systems only.
  • Run under the principle of least privilege, where possible, to limit the impact of potential exploit.
  • Keep all operating systems and applications current with vendor patches.
  • Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection to both inbound and outbound threats.
  • Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.

ACKNOWLEDGEMENTS

  • Rio Sherri of S&T Albania (CVE-2016-5312)

REVISION

  • September 27, 2016: Fixed the CVE ID under the ISSUES section to reflect CVE-2016-5312, the correctly assigned CVE for this issue.
CPENameOperatorVersion
symantec messaging gateway (smg)eq1

Related

exploitpack 1
zdt 1
packetstorm 1
cvelist 1
nvd 1
openvas 1
dsquare 1
cve 1
prion 1
exploitdb 1
nessus 1
exploitpack
exploitpack
Symantec Messaging Gateway 10.6.1 - Directory Traversal
2016-09-28 00:00:00
zdt
zdt
Symantec Messaging Gateway 10.6.1 - Directory Traversal
2016-09-28 00:00:00
packetstorm
packetstorm
Symantec Messaging Gateway 10.6.1 Directory Traversal
2016-09-28 00:00:00
cvelist
cvelist
CVE-2016-5312
2017-04-14 18:00:00
nvd
nvd
CVE-2016-5312
2017-04-14 18:59:00
openvas
openvas
Symantec Messaging Gateway Directory Traversal Vulnerability (SYM16-016) - Active Check
2016-09-30 00:00:00
dsquare
dsquare
Symantec Messaging Gateway 10.6.1 File Disclosure
2018-07-07 00:00:00
cve
cve
CVE-2016-5312
2017-04-14 18:59:00
prion
prion
Directory traversal
2017-04-14 18:59:00
exploitdb
exploitdb
Symantec Messaging Gateway 10.6.1 - Directory Traversal
2016-09-28 00:00:00
nessus
nessus
Symantec Messaging Gateway 10.x < 10.6.2 Multiple Vulnerabilities (SYM16-015) (SYM16-016)
2016-09-22 00:00:00

0.962 High

EPSS

Percentile

99.5%

JSON
Related for SMNTC-1380
exploitpack1zdt1packetstorm1cvelist1nvd1openvas1dsquare1cve1prion1exploitdb1nessus1