Astaro Security Gateway Whitelist Domain Pattern Security Bypass Weakness
BID:51969
Info
Astaro Security Gateway Whitelist Domain Pattern Security Bypass Weakness
| Bugtraq ID: | 51969 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 10 2012 12:00AM |
| Updated: | Feb 10 2012 12:00AM |
| Credit: | Timeless Prototype |
| Vulnerable: |
Astaro Security Gateway 0 |
| Not Vulnerable: | |
Discussion
Astaro Security Gateway Whitelist Domain Pattern Security Bypass Weakness
Astaro Security Gateway is prone to a security-bypass weakness.
Attackers can exploit this issue to bypass intended security restrictions of the firewall. This may aid in further attacks.
Astaro Security Gateway is prone to a security-bypass weakness.
Attackers can exploit this issue to bypass intended security restrictions of the firewall. This may aid in further attacks.
Exploit / POC
Astaro Security Gateway Whitelist Domain Pattern Security Bypass Weakness
Attackers can use readily available tools to exploit this issue.
Attackers can use readily available tools to exploit this issue.
Solution / Fix
Astaro Security Gateway Whitelist Domain Pattern Security Bypass Weakness
Solution:
Reports indicate that this issue has been fixed by the vendor but Symantec has not confirmed it. Please contact the vendor for more information.
Solution:
Reports indicate that this issue has been fixed by the vendor but Symantec has not confirmed it. Please contact the vendor for more information.
References
Astaro Security Gateway Whitelist Domain Pattern Security Bypass Weakness
References:
References:
- Astaro Security Gateway - bypass using whitelist domain pattern weakness (Timeless Prototype)
- Astaro Security Gateway Homepage (Astaro)