cnvd - cnvd-2018-01158

cnvd-2018-01158

Vulnerability from cnvd

Title: Symantec Messaging Gateway目录遍历漏洞（CNVD-2018-01158）

Description:

Symantec Messaging Gateway是美国赛门铁克（Symantec）公司的一套集反垃圾邮件、防病毒、高级内容过滤和数据泄露防护技术于一体的垃圾邮件过滤器。

Symantec Messaging Gateway 10.6.4之前的版本中存在目录遍历漏洞。攻击者可通过操作变量利用该漏洞访问储存在文件系统中的任意文件和目录。

Severity: 中

Patch Name: Symantec Messaging Gateway目录遍历漏洞（CNVD-2018-01158）的补丁

Patch Description:

Symantec Messaging Gateway是美国赛门铁克（Symantec）公司的一套集反垃圾邮件、防病毒、高级内容过滤和数据泄露防护技术于一体的垃圾邮件过滤器。

Symantec Messaging Gateway 10.6.4之前的版本中存在目录遍历漏洞。攻击者可通过操作变量利用该漏洞访问储存在文件系统中的任意文件和目录。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171220_00

Reference: https://www.securityfocus.com/bid/102096

Impacted products

Name
Symantec Messaging Gateway <10.6.4

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "102096"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-15532"
    }
  },
  "description": "Symantec Messaging Gateway\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u4e00\u5957\u96c6\u53cd\u5783\u573e\u90ae\u4ef6\u3001\u9632\u75c5\u6bd2\u3001\u9ad8\u7ea7\u5185\u5bb9\u8fc7\u6ee4\u548c\u6570\u636e\u6cc4\u9732\u9632\u62a4\u6280\u672f\u4e8e\u4e00\u4f53\u7684\u5783\u573e\u90ae\u4ef6\u8fc7\u6ee4\u5668\u3002\r\n\r\nSymantec Messaging Gateway 10.6.4\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u64cd\u4f5c\u53d8\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u50a8\u5b58\u5728\u6587\u4ef6\u7cfb\u7edf\u4e2d\u7684\u4efb\u610f\u6587\u4ef6\u548c\u76ee\u5f55\u3002",
  "discovererName": "rgod working with Trend Micro\u0027s Zero Day Initiative.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171220_00",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-01158",
  "openTime": "2018-01-17",
  "patchDescription": "Symantec Messaging Gateway\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u4e00\u5957\u96c6\u53cd\u5783\u573e\u90ae\u4ef6\u3001\u9632\u75c5\u6bd2\u3001\u9ad8\u7ea7\u5185\u5bb9\u8fc7\u6ee4\u548c\u6570\u636e\u6cc4\u9732\u9632\u62a4\u6280\u672f\u4e8e\u4e00\u4f53\u7684\u5783\u573e\u90ae\u4ef6\u8fc7\u6ee4\u5668\u3002\r\n\r\nSymantec Messaging Gateway 10.6.4\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u64cd\u4f5c\u53d8\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u50a8\u5b58\u5728\u6587\u4ef6\u7cfb\u7edf\u4e2d\u7684\u4efb\u610f\u6587\u4ef6\u548c\u76ee\u5f55\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Symantec Messaging Gateway\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff08CNVD-2018-01158\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Symantec Messaging Gateway \u003c10.6.4"
  },
  "referenceLink": "https://www.securityfocus.com/bid/102096",
  "serverity": "\u4e2d",
  "submitTime": "2017-12-21",
  "title": "Symantec Messaging Gateway\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\uff08CNVD-2018-01158\uff09"
}

CVE-2017-15532 (GCVE-0-2017-15532)

Vulnerability from cvelistv5

Published

2017-12-20 18:00

Modified

2024-09-16 16:58

Severity ?

CWE

Directory traversal

Summary

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/102096	vdb-entry, x_refsource_BID
	https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171220_00	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Symantec Corporation	Messaging Gateway	Version: Prior to 10.6.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:57:26.486Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102096",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102096"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171220_00"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Messaging Gateway",
          "vendor": "Symantec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Prior to 10.6.4"
            }
          ]
        }
      ],
      "datePublic": "2017-12-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Directory traversal",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-21T10:57:01",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "name": "102096",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102096"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171220_00"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "DATE_PUBLIC": "2017-12-20T00:00:00",
          "ID": "CVE-2017-15532",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Messaging Gateway",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Prior to 10.6.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Directory traversal"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102096",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102096"
            },
            {
              "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171220_00",
              "refsource": "CONFIRM",
              "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171220_00"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2017-15532",
    "datePublished": "2017-12-20T18:00:00Z",
    "dateReserved": "2017-10-17T00:00:00",
    "dateUpdated": "2024-09-16T16:58:19.631Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted