 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.803732 |
| Categoría: | Web application abuses |
| Título: | Symantec Web Gateway Multiple Vulnerabilities-Aug2013 |
| Resumen: | This host is running Symantec Web Gateway and is prone to multiple;vulnerabilities. |
| Descripción: | Summary: This host is running Symantec Web Gateway and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Unspecified errors related to the SWG console interface, login prompt of the SWG console and sudo configuration. - Certain unspecified input is not properly sanitised before being returned to the user. - The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. Vulnerability Impact: Successful exploitation will allow attacker to gain escalated privileges and conduct cross-site scripting and cross-site request forgery attacks and compromise a vulnerable system. Affected Software/OS: Symantec Web Gateway versions prior to 5.1.1 Solution: Upgrade to Symantec Web Gateway version 5.1.1 or later. CVSS Score: 8.3 CVSS Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
BugTraq ID: 61106 BugTraq ID: 61101 BugTraq ID: 61103 BugTraq ID: 61102 BugTraq ID: 61104 Common Vulnerability Exposure (CVE) ID: CVE-2013-1616 http://www.securityfocus.com/bid/61106 http://packetstormsecurity.com/files/122556/Symantec-Web-Gateway-XSS-CSRF-SQL-Injection-Command-Injection.html https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130726-0_Symantec_Web_Gateway_Multiple_Vulnerabilities_v10.txt Common Vulnerability Exposure (CVE) ID: CVE-2013-1617 http://www.securityfocus.com/bid/61101 Common Vulnerability Exposure (CVE) ID: CVE-2013-4670 http://www.securityfocus.com/bid/61103 http://osvdb.org/95690 http://osvdb.org/95692 Common Vulnerability Exposure (CVE) ID: CVE-2013-4671 http://www.securityfocus.com/bid/61102 http://osvdb.org/95699 Common Vulnerability Exposure (CVE) ID: CVE-2013-4672 http://www.securityfocus.com/bid/61104 http://osvdb.org/95695 |
| Copyright | Copyright (C) 2013 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |