In association with heise online

12 June 2012, 16:59

Multiple vulnerabilities in Symantec Web Gateway eliminated

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Symantec logo The GUI for the administration front end of Symantec Web Gateway 5.0 allows a series of attacks to occur which can, at worst, let attackers execute their own commands or code on the gateway. Demonstration exploits and a Metasploit module that implements the attacks are already publicly available.

Symantec has now provided Symantec Web Gateway 5.0.3, which fixes the four vulnerabilities: two highly rated code/command injection flaws and two medium rated flaws related to file download/deletion and exposure to cross-site scripting.

See also:

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-1616463
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit