OSVDB ID: 27590

Title: Symantec Brightmail AntiSpam DATABLOB-* Request Traversal Arbitrary File Write

Info

Disclosure

Jul 28, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Symantec Brightmail AntiSpam contains a flaw that may allow a malicious user to read or overwrite files. The issue is triggered when an attacker uses specially crafted filenames in a DATABLOB-GET or DATABLOB-SAVE request. By using directory traversal style attacks (../../), it is possible that an attacker could write a file to an arbitrary location.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified
OSVDB: Security Software

Solution

Upgrade to version 6.0.4 or higher or upgrade to Symantec Mail Security for SMTP 5.0, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Symantec Corporation	Brightmail AntiSpam	4.x
		5.x
		6.0.0
		6.0.1
		6.0.2
		6.0.3

References

CVE ID: 2006-4013 (see also: NVD)
Secunia Advisory ID: 21223
Related OSVDB ID: 27589
ISS X-Force ID: 28058
VUPEN Advisory: ADV-2006-3018
Vendor URL: http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=642
Vendor Specific Advisory URL: http://securityresponse.symantec.com/avcenter/security/Content/2006.07.27.html
Keyword: SYM06-012

Credit

George A. Theall - thealltenablesecurity.com - TenableSecurity

Direct URL: http://osvdb.org/27590

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Symantec Corporation

Brightmail AntiSpam

References

Credit