Showing 1 - 1 of 1

CVE-2012-2953

Status Candidate

Overview

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.

Related Files

Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection: Posted Jul 27, 2012; Authored by muts, sinn3r | Site metasploit.com; This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service. While handling the filename parameter, the Spywall API does not do any filtering before passing it to an exec() call in proxy_file(), thus results in remote code execution under the context of the web server. Please note authentication is NOT needed to gain access.; tags | exploit, remote, web, code execution; advisories | CVE-2012-2953; SHA-256 | 0cd8a8da3d231693715d4e8b287a75415523666ac53647e469041b791662ac0b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 224 files
Ubuntu 102 files
Debian 21 files
Google Security Research 19 files
indoushka 18 files
Gentoo 14 files
Mirabbas Agalarov 12 files
Apple 9 files
CraCkEr 9 files
Ivan Fratric 8 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,753)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,783)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,311)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,633)
UNIX (9,237)
UnixWare (186)
Windows (6,555)
Other

CVE-2012-2953

Overview

Related Files

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems