Symantec Web Gateway Multiple Script Shell Command Execution (SYM12-011)
Critical Nessus Plugin ID 61435
Synopsis
The remote host is affected by a shell command execution vulnerability.
Description
The Symantec Web Gateway install on the remote host is affected by a remote shell command execution vulnerability due to its failure to sanitize input to the 'ip' parameter of the 'fromha.php' script.
An unauthenticated, remote attacker can exploit this vulnerability to save a random PHP script on the affected host and then execute it as a privileged user.
Note that this install is likely affected by several other issues, although this plugin has not checked for them.
Solution
Upgrade to Symantec Web Gateway version 188.8.131.52 and apply database upgrade 184.108.40.2068.