Test Kennung:	1.3.6.1.4.1.25623.1.0.140294
Kategorie:	Web application abuses
Titel:	Symantec Messaging Gateway Multiple Vulnerabilities (Aug 2017)
Zusammenfassung:	Symantec Messaging Gateway is prone to multiple; vulnerabilities.
Beschreibung:	Summary: Symantec Messaging Gateway is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2017-6327: The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges. - CVE-2017-6328: The Symantec Messaging Gateway can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser. Affected Software/OS: Symantec Messaging Gateway version 10.6.3 and prior. Solution: Update to version 10.6.3-267 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6327 BugTraq ID: 100135 http://www.securityfocus.com/bid/100135 https://www.exploit-db.com/exploits/42519/ http://seclists.org/fulldisclosure/2017/Aug/28 Common Vulnerability Exposure (CVE) ID: CVE-2017-6328 BugTraq ID: 100136 http://www.securityfocus.com/bid/100136
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.