# Title : Symantec Messaging Gateway <= 10.6.1 Directory Traversal # Date : 28/09/2016 # Author : R-73eN # Tested on : Symantec Messaging Gateway 10.6.1 (Latest) # Software : http://ift.tt/2cBcgkZ # Vendor : Symantec # CVE : CVE-2016-5312 # DESCRIPTION: # A charting component in the Symantec Messaging Gateway control center does not properly sanitize user input submitted for charting requests. # This could potentially result in an authorized but less privileged user gaining access to paths outside the authorized directory. # This could potentially provide read access to some files/directories on the server for which the user is not authorized.
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment