Symantec Mail Security for Exchange and Domino Decomposer Engine Multiple DoS (SYM16-015)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A security application installed on the remote host is affected by
multiple denial of service vulnerabilities.

Description :

The version of Symantec Mail Security for Exchange (SMSMSE) or
Symantec Mail Security for Domino (SMSDOM) installed on the remote
Windows host is affected by multiple denial of service vulnerabilities
in the decomposer engine :

- A denial of service vulnerability exists in the
decomposer engine due to an out-of-bounds read error
that occurs when decompressing RAR archives. An
unauthenticated, remote attacker can exploit this, via a
specially crafted RAR file, to crash the application.
(CVE-2016-5309)

- A denial of service vulnerability exists in the
decomposer engine due to memory corruption issue that
occurs when decompressing RAR archives. An
unauthenticated, remote attacker can exploit this, via a
specially crafted RAR file, to crash the application.
(CVE-2016-5310)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.nessus.org/u?a4125a0d
https://support.symantec.com/en_US/article.INFO3793.html
https://support.symantec.com/en_US/article.INFO3794.html

Solution :

Apply the appropriate hotfix per the vendor advisory.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.9
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 93652 ()

Bugtraq ID: 92866
92868

CVE ID: CVE-2016-5309
CVE-2016-5310

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now