Symantec Web Gateway Remote Shell Command Execution Vulnerability

Bugtraq ID:	53444
Class:	Input Validation Error
CVE:	CVE-2012-0297
Remote:	Yes
Local:	No
Published:	May 17 2012 12:00AM
Updated:	Jun 28 2012 12:10PM
Credit:	An anonymous contributor working with Beyond Security's SecuriTeam Secure Disclosure project
Vulnerable:	Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0
Not Vulnerable:	Symantec Web Gateway 5.0.3

Symantec Web Gateway Remote Shell Command Execution Vulnerability

Symantec Web Gateway is prone to a vulnerability that can allow an attacker to execute arbitrary commands.

Successful exploits will result in the execution of arbitrary attack-supplied commands in the context of the affected application.

Symantec Web Gateway Remote Shell Command Execution Vulnerability

Attackers can exploit this issue with a browser.

The following example URI is available:

http://www.example.com/spywall/releasenotes.php?relfile=../../../../../../etc/passwd

The following exploits are available:

• /data/vulnerabilities/exploits/53444.py
• /data/vulnerabilities/exploits/53444.rb
• /data/vulnerabilities/exploits/53444_1.rb

Symantec Web Gateway Remote Shell Command Execution Vulnerability

Solution:
Updates are available. Please see the reference for more details.

Symantec Web Gateway Remote Shell Command Execution Vulnerability

References:

• Symantec Web Gateway (Symantec)
  
• SYM12-006 Symantec Web Gateway Multiple Security Issues (Symantec)