Secunia Security Advisory - A vulnerability has been reported in Sygate Management Server (SMS), which can be exploited by malicious people to conduct SQL injection attacks.
a4e425f81864245395d828b683ec8018056f5a5854bcf14536b149be9edbc445
TITLE:
Symantec Sygate Management Server SQL Injection
SECUNIA ADVISORY ID:
SA18689
VERIFY ADVISORY:
http://secunia.com/advisories/18689/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Manipulation of data
WHERE:
>From local network
SOFTWARE:
Sygate Secure Enterprise 3.x
http://secunia.com/product/3772/
Sygate Secure Enterprise 4.x
http://secunia.com/product/7301/
DESCRIPTION:
A vulnerability has been reported in Sygate Management Server (SMS),
which can be exploited by malicious people to conduct SQL injection
attacks.
Input passed to the authentication servlet is not properly sanitised
before being used in a SQL query. This can be exploited to manipulate
SQL queries by injection arbitrary SQL code.
Successful exploitation makes it possible to bypass the user
authentication by e.g. overwriting an administrative user's password
thereby gaining administrative privileges to the SMS server. This can
further be exploited to disable managed agents or propagate malicious
code to them.
The vulnerability has been reported in version 4.1, build 1417 and
prior.
SOLUTION:
Apply patches (see vendor advisory for patch information).
PROVIDED AND/OR DISCOVERED BY:
The vendor credits Guillaume Goutaudier.
ORIGINAL ADVISORY:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2006.02.01.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------