Latest YouTube Video

Wednesday, September 28, 2016

[FD] Symantec Messaging Gateway <= 10.6.1 Directory Traversal

# Title : Symantec Messaging Gateway <= 10.6.1 Directory Traversal # Date : 28/09/2016 # Author : R-73eN # Tested on : Symantec Messaging Gateway 10.6.1 (Latest) # Software : http://ift.tt/2cBcgkZ # Vendor : Symantec # CVE : CVE-2016-5312 # DESCRIPTION: # A charting component in the Symantec Messaging Gateway control center does not properly sanitize user input submitted for charting requests. # This could potentially result in an authorized but less privileged user gaining access to paths outside the authorized directory. # This could potentially provide read access to some files/directories on the server for which the user is not authorized.

Source: Gmail -> IFTTT-> Blogger

No comments: