Vulnerability Summary - Week 29

Friday, July 15, 2011

______________________________________________________________________

         @RISK: The Consensus Security Vulnerability Alert

                            Week 29 2011
______________________________________________________________________

Summary of Updates and Vulnerabilities in this Consensus

Platform                        Number of Updates and Vulnerabilities
- ------------------------      -------------------------------------

Windows                                   3 (#1)
Third Party Windows Apps                  6 (#2)
Linux                                     1
HP-UX                                     1
Cross Platform                            7
Web Application                           3
Network Device                            5

*************************************************************************
Part I -- Critical Vulnerabilities from TippingPoint (www.tippingpoint.com)
Widely Deployed Software
(1) HIGH: Microsoft Windows Bluetooth Stack overflow
(2) MEDIUM: Trend Micro Control Manager Multiple Vulnerabilities

****************************************************************************

Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)

-- Windows
11.29.1  - Microsoft Windows Bluetooth Stack Remote Code Execution
11.29.2  - Microsoft Windows CSRSS Multiple Local Privilege Escalation Vulnerabilities
11.29.3  - Microsoft Windows Kernel "Win32k.sys" Multiple Vulnerabilities

-- Third Party Windows Apps
11.29.4  - ESTsoft ALPlayer ".asx" File Buffer Overflow
11.29.5  - Chilkat Crypt ActiveX Control "SaveDecrypted()" Insecure Method Vulnerability
11.29.6  - ZipWiz 2005 ".zip" File Buffer Overflow
11.29.7  - Effective File Search (EFS) DLL Loading Arbitrary Code Execution
11.29.8  - ZipItFree ".zip" File Buffer Overflow
11.29.9  - Trend Micro Control Manager "CASProcessor.exe" BLOB Remote Code Execution

-- Linux
11.29.10 - Debian and Ubuntu foo2zjs Insecure Temporary File Creation Vulnerability

-- HP-UX
11.29.11 - HP-UX Dynamic Loader Unspecified Local Privilege Escalation

-- Cross Platform
11.29.12 - Apache XML Security for C++ Signature Key Parsing Denial of Service
11.29.13 - libpng PNG File Denial of Service
11.29.14 - Opera Web Browser Multiple Security Weaknesses
11.29.15 - IBM WebSphere MQ CDP Extension Revoked SSL Certificate Validation Security Bypass Vulnerability
11.29.16 - libsndfile PAF File Integer Overflow
11.29.17 - libvte9 "vte_sequence_handler_multiple()" Function Remote Denial of Service
11.29.18 - SAP MaxDB NULL Pointer Dereference Denial of Service

-- Web Application
11.29.19 - phpMyAdmin Multiple Remote Vulnerabilities
11.29.20 - DotNetNuke Multiple Security Bypass Vulnerabilities
11.29.21 - Ferdows CMS Cross-Site Scripting and Multiple SQL Injection Vulnerabilities

-- Network Device
11.29.22 - Cisco Content Services Gateway Malformed ICMP Messages Denial of Service
11.29.23 - D-Link DSL-2650U Remote Denial of Service
11.29.24 - Aruba Networks ArubaOS HTTP Response Splitting and HTML Injection Vulnerabilities
11.29.25 - Ingate Firewall and SIParator SIP Module Remote Denial of Service
11.29.26 - Symantec Web Gateway Management GUI SQL Injection Vulnerability
______________________________________________________________________

PART I Critical Vulnerabilities
Part I for this issue has been compiled by Josh Bronson at TippingPoint,
a division of HP, as a by-product of that company's continuous effort
to ensure that its intrusion prevention products effectively block
exploits using known vulnerabilities. TippingPoint's analysis is
complemented by input from a council of security managers from twelve
large organizations who confidentially share with SANS the specific
actions they have taken to protect their systems. A detailed description
of the process may be found at
http://www.sans.org/newsletters/risk/#process

*************************************************************

(1) HIGH: Microsoft Windows Bluetooth Stack overflow
Affected:
Windows Vista Service Pack 1,2
Windows Vista x64 Edition Service Pack 1,2
Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1

Description: Microsoft has released a patch addressing a security
vulnerability in its Bluetooth driver code. By sending malicious
Bluetooth packets, an attacker can cause the driver code to access
uninitialized or deleted objects and then execute arbitrary code on a
target's machine with SYSTEM-level privileges. This vulnerability
requires the Bluetooth driver to be enabled.

Status: vendor confirmed, updates available

References:
Vendor Site
http://www.microsoft.com
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS11-053.mspx
SecurityFocus BugTraq IDs
http://www.securityfocus.com/bid/48617/discuss

*************************************************************

(2) MEDIUM: Trend Micro Control Manager Multiple Vulnerabilities
Affected:
Trend Micro Control Manager 5.0 and 5.5

Description: Trend Micro has released a patch for Control Manager, its
web-based security management console, addressing two vulnerabilities.
The first vulnerability involves the CASProcessor.exe process, which
listens on port 20801 by default. By sending a malicious request, an
attacker can exploit an integer overflow vulnerability in order to
execute arbitrary code with SYSTEM-level privileges. The second involves
the Cas_LogDirectInsert.aspx HTTP handler, which listens for HTTPS
messages on port 443. By sending a POST request with malicious
information, an attacker can inject commands used to query the backend
database and create a new account. Using this account and the management
console, they can then execute arbitrary commands on the target machine.

Status: vendor confirmed, updates available

References:
Vendor Site
http://www.trendmicro.com
Vendor Advisory
http://esupport.trendmicro.com/solution/en-us/1058292.aspx
Zero Day Initiative Advisories
http://www.zerodayinitiative.com/advisories/ZDI-11-234/
http://www.zerodayinitiative.com/advisories/ZDI-11-235/
SecurityFocus BugTraq IDs
http://www.securityfocus.com/bid/48638
http://www.securityfocus.com/bid/48652

*************************************************************

Part II -- Comprehensive List of Newly Discovered Vulnerabilities from
Qualys (www.qualys.com)

This list is compiled by Qualys (www.qualys.com) as part of that
company's ongoing effort to ensure its vulnerability management web
service tests for all known vulnerabilities that can be scanned. As of
this week Qualys scans for 11686 unique vulnerabilities. For this
special SANS community listing, Qualys also includes vulnerabilities
that cannot be scanned remotely.
______________________________________________________________________

11.29.1 CVE: CVE-2011-1265
Platform: Windows
Title: Microsoft Windows Bluetooth Stack Remote Code Execution
Description: Bluetooth is an industry standard protocol that enables
wireless connectivity for computers and other devices. The application is
exposed to a remote code execution issue because the Bluetooth stack fails
to adequately handle specially crafted Bluetooth packets. The issue affects
the "bthport.sys" driver. Windows Vista SP1 and SP2, Windows 7 and Windows 7
SP1 are affected.
Ref:
http://www.microsoft.com/technet/security/Bulletin/MS11-053.mspx
______________________________________________________________________

11.29.2 CVE: CVE-2011-1281, CVE-2011-1282, CVE-2011-1283,
CVE-2011-1284, CVE-2011-1870
Platform: Windows
Title: Microsoft Windows CSRSS Multiple Local Privilege Escalation
Vulnerabilities
Description: Multiple local privilege escalation issues affect the
Microsoft Windows Client/Server Runtime
Subsystem (CSRSS) because it fails to sufficiently allocate memory
when dealing with specific user transactions. Windows XP SP3 and x64
SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server
2008 and Server 2008 SP2, Windows 7 and Windows 7 SP1, Windows Server
2008 R2 x64 and x64 SP1 are affected.
Ref:
http://www.microsoft.com/technet/security/bulletin/MS11-056.mspx
______________________________________________________________________

11.29.3 CVE: CVE-2011-1874, CVE-2011-1875, CVE-2011-1876,
CVE-2011-1877, CVE-2011-1878, CVE-2011-1879, CVE-2011-1880,
CVE-2011-1881, CVE-2011-1882, CVE-2011-1883, CVE-2011-1884,
CVE-2011-1885, CVE-2011-1886, CVE-2011-1887, CVE-2011-1888
Platform: Windows
Title: Microsoft Windows Kernel "Win32k.sys" Multiple Vulnerabilities
Description: Microsoft Windows is exposed to multiple security issues
that occur in the Windows kernel "Win32k.sys" kernel mode device driver.
Multiple local privilege escalation issues are caused by a NULL pointer
dereference error that occurs due to a failure to properly manage
pointers to certain kernel driver objects. Multiple local privilege
escalation issues occur because a use-after-free error occurs due to
improper driver object management. A local information disclosure issue
occurs because it fails to properly validate certain function
parameters. Windows XP SP3 and x64 SP2, Windows Server 2003 SP2, Windows
Vista SP1 and SP2, Windows Server 2008 and Server 2008 SP2, Windows 7
and Windows 7 SP1, Windows Server 2008 R2 x64 and x64 SP1 are affected.
Ref:
http://www.microsoft.com/technet/security/bulletin/MS11-054.mspx
______________________________________________________________________

11.29.4 CVE: Not Available
Platform: Third Party Windows Apps
Title: ESTsoft ALPlayer ".asx" File Buffer Overflow
Description: ALPlayer is a media player available for Microsoft
Windows. ALPlayer is exposed to a stack-based buffer overflow issue
because it fails to perform adequate boundary checks on user-supplied
input. Specifically, this issue occurs when opening a specially
crafted ".asx" playlist file. ALPlayer 2.0 is vulnerable and other
versions may also be affected.
Ref:
http://www.securityfocus.com/bid/48583/discuss
______________________________________________________________________

11.29.5 CVE: Not Available
Platform: Third Party Windows Apps
Title: Chilkat Crypt ActiveX Control "SaveDecrypted()" Insecure Method
Vulnerability
Description: Chilkat Crypt ActiveX control is used to encrypt, hash,
and sign data. The application is exposed to an issue caused by an
insecure method that lets attackers overwrite files with arbitrary,
attacker-controlled content. This issue occurs in the
"SaveDecrypted()" method of the "ChilkatCrypt2.dll" ActiveX control.
aTube Catcher version 2.3.570 is vulnerable and other versions may also
be affected.
Ref:
http://www.securityfocus.com/archive/1/518740
______________________________________________________________________

11.29.6 CVE: Not Available
Platform: Third Party Windows Apps
Title: ZipWiz 2005 ".zip" File Buffer Overflow
Description: ZipWiz 2005 is a file compression application. The
application is exposed to a buffer overflow issue because it fails to
perform adequate checks on user-supplied input. Specifically, this
issue occurs when processing a specially crafted ".zip" file. ZipWiz
2005 5.0 is vulnerable and other versions may also be affected.
Ref:
http://www.securityfocus.com/bid/48624/discuss
______________________________________________________________________

11.29.7 CVE: Not Available
Platform: Third Party Windows Apps
Title: Effective File Search (EFS) DLL Loading Arbitrary Code
Execution
Description: Effective File Search is a file search utility for
Microsoft Windows. The application is exposed to a security issue
because the application searches for the "ztvunrar36.dll" Dynamic Link
Library in the current working directory. The issue can be exploited by
placing both a specially crafted library file and a file that is
associated with the vulnerable application in an attacker-controlled
location. Using the application to open a ".efs" file will cause the
malicious library file to be executed. Effective File Search 6.7 is
vulnerable and other versions may also be affected.
Ref:
http://www.securityfocus.com/bid/48608/discuss
______________________________________________________________________

11.29.8 CVE: Not Available
Platform: Third Party Windows Apps
Title: ZipItFree ".zip" File Buffer Overflow
Description: ZipItFree is a file compression application. The
application is exposed to a heap-based buffer overflow issue because
it fails to perform adequate checks on user-supplied input.
Specifically, this issue occurs when processing a specially crafted
".zip" file. ZipItFree 3.0 is vulnerable; other versions may also be
affected.
Ref:
http://www.securityfocus.com/bid/48629/discuss
______________________________________________________________________

11.29.9 CVE: Not Available
Platform: Third Party Windows Apps
Title: Trend Micro Control Manager "CASProcessor.exe" BLOB Remote Code
Execution
Description: Trend Micro Control Manager is a Web-based management
console. The application is exposed to a remote code execution issue.
The issue affects the "En_Utility.dll" file when communicating with
the "CASProcessor.exe" process through TCP port 20801. The issue
occurs in the "HandleMcpRequest()" function when parsing a specially
crafted packet with malformed BLOB encrypted data. Trend Micro Control
Manager 5.0 and 5.5 are vulnerable and other versions may also be
affected.
Ref:
http://esupport.trendmicro.com/solution/en-us/1058292.aspx
______________________________________________________________________

11.29.10 CVE: Not Available
Platform: Linux
Title: Debian and Ubuntu foo2zjs Insecure Temporary File Creation
Vulnerability
Description: Foo2zjs is an open source printer driver for the ZjStream
protocol. Foo2zjs creates "/tmp/foo2zjs" in an insecure manner. An
attacker with local access could potentially exploit this issue to
perform symbolic-link attacks, overwriting arbitrary files in the
context of the affected application. Debian and Ubuntu are affected.
Ref:
http://www.securityfocus.com/bid/48586/discuss
______________________________________________________________________

11.29.11 CVE: CVE-2011-2398
Platform: HP-UX
Title: HP-UX Dynamic Loader Unspecified Local Privilege Escalation
Description: HP-UX is a Unix-based operating system. Its Dynamic
Loader is exposed to an unspecified local privilege escalation
issue. HP-UX B.11.11, B.11.23, and B.11.31 are vulnerable and other
versions may also be affected.
Ref:
http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02904002&ac.admitted=1310010561389.876444892.492883150
______________________________________________________________________

11.29.12 CVE: CVE-2011-2516
Platform: Cross Platform
Title: Apache XML Security for C++ Signature Key Parsing Denial of
Service
Description: Apache XML Security for C++ is a library that implements
the primary security standards for XML. The library is exposed to a
denial of service issue. Specifically, the issue is caused by a
buffer overflow condition when creating or verifying XML signatures
with RSA keys of sizes in the order of 8192 bits or more. Attackers
can exploit this issue through overly long keys and cause the
application to deny service. Apache XML Security for C++ versions
prior to 1.6.1 are affected.
Ref:
http://santuario.apache.org/secadv/CVE-2011-2516.txt
______________________________________________________________________

11.29.13 CVE: Not Available
Platform: Cross Platform
Title: libpng PNG File Denial of Service
Description: The "libpng" library is a PNG reference library. The
application is exposed to a remote denial of service issue because it
fails to properly handle a sCAL chunk. Specifically, the
issue occurs when processing specially crafted PNG files. libpng
versions 1.5.x before 1.5.4, 1.4.x before 1.4.8, 1.2.x before 1.2.45
and 1.0.x before 1.0.55 are affected.
Ref:
http://www.kb.cert.org/vuls/id/819894
______________________________________________________________________

11.29.14 CVE: CVE-2011-2634
Platform: Cross Platform
Title: Opera Web Browser Multiple Security Weaknesses
Description: Opera is a Web browser application. The application is
exposed to multiple security weaknesses that may allow unspecified
third party applications to hijack searches and customizations. Opera
versions prior to 11.10 are vulnerable.
Ref:
http://www.opera.com/docs/changelogs/windows/1110/
http://www.opera.com/docs/changelogs/unix/1110/
http://www.opera.com/docs/changelogs/mac/1110/
______________________________________________________________________

11.29.15 CVE: CVE-2011-1224
Platform: Cross Platform
Title: IBM WebSphere MQ CDP Extension Revoked SSL Certificate
Validation Security Bypass Vulnerability
Description: IBM WebSphere MQ is a commercially available messaging
engine for enterprises. The application is exposed to a security
bypass issue that occurs because it fails to use the CRL Distribution
Points certificate extension, which results in improper
validation of revoked SSL certificates. Versions prior to WebSphere MQ
6.0.2.11 and 7.0.1.5 are vulnerable.
Ref:
http://www-01.ibm.com/support/docview.wss?uid=swg27014224
http://www-01.ibm.com/support/docview.wss?uid=swg27007069
______________________________________________________________________

11.29.16 CVE: Not Available
Platform: Cross Platform
Title: libsndfile PAF File Integer Overflow
Description: The "libsndfile" library is used for reading and writing
audio files. The application is exposed to an integer overflow issue
because it fails to perform adequate boundary checks on user-supplied
data. Specifically, this issue occurs within the "paf24_init()"
function of the "src/paf.c" source file when parsing specially crafted
"PAF" (Paris Audio) files. libsndfile 1.0.24 is vulnerable and other
versions may also be affected.
Ref:
http://www.securityfocus.com/bid/48644/discuss
______________________________________________________________________

11.29.17 CVE: CVE-2011-2198
Platform: Cross Platform
Title: libvte9 "vte_sequence_handler_multiple()" Function Remote
Denial of Service
Description: The VTE library provides a terminal emulator widget
(VteTerminal) for applications using the GTK+ toolkit. The library is
exposed to a remote denial of service issue. Specifically, the issue
occurs because the library fails to sanitize user-supplied input that
has been submitted to the "insert-blank-characters" capability
(defined in "caps.c"). The issue affects the
"vte_sequence_handler_multiple()" function of the "vteseq.c" source
file. libvte9 1:0.24.3-2 is vulnerable and other versions may also be
affected.
Ref:
http://www.securityfocus.com/bid/48645/discuss
______________________________________________________________________

11.29.18 CVE: Not Available
Platform: Cross Platform
Title: SAP MaxDB NULL Pointer Dereference Denial of Service
Description: SAP MaxDB is a database application available for
multiple platforms. The application is exposed to a denial of service
issue. Specifically, the issue occurs due to a NULL pointer
dereference error in the "DBTech-MAXDB" service (kernel.exe) when
processing specially crafted login handshake packets. SAP MaxDB
7.8.01.18 is vulnerable; other versions may also be affected.
Ref:
http://www.securityfocus.com/bid/48646/discuss
______________________________________________________________________

11.29.19 CVE: CVE-2011-2505, CVE-2011-2506, CVE-2011-2507, CVE-2011-2508
Platform: Web Application
Title: phpMyAdmin Multiple Remote Vulnerabilities
Description: phpMyAdmin is a PHP-based Web application. The
application is exposed to multiple issues. An arbitrary PHP
code execution issue occurs due to an error in the "Swekey_login()"
function of the "libraries/auth/swekey/swekey.auth.lib.php" script.
An arbitrary PHP code execution issue occurs because the application
fails to properly sanitize user-supplied input passed to the
"PMA_createTargetTables()" function of the
"libraries/server_synchronize.lib.php" script. A local file include issue occurs
because the application fails to properly sanitize user-supplied input
passed to the "PMA_displayTableBody()" function of the
"libraries/display_tbl.lib.php" script. A PHP code injection is
possible in the setup scripts if the session variables are
overwritten. phpMyAdmin versions prior to 3.3.10.2 and 3.4.3.1 are vulnerable.
Ref:
http://www.phpmyadmin.net/home_page/security/PMASA-2011-5.php
http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
http://www.phpmyadmin.net/home_page/security/PMASA-2011-7.php
http://www.phpmyadmin.net/home_page/security/PMASA-2011-8.php
______________________________________________________________________

11.29.20 CVE: Not Available
Platform: Web Application
Title: DotNetNuke Multiple Security Bypass Vulnerabilities
Description: DotNetNuke is an open source framework for creating and
deploying web sites. The application is exposed to multiple security
bypass issues. A security bypass issue occurs due to an error in the
"soft-delete" function. An attacker can exploit this issue to undelete
a user by re-registering with the same credentials. A security bypass
issue occurs due to an error when validating user permissions in certain
management functions. A security bypass issue occurs due to an error
when verifying uploaded files. A security bypass issue occurs due to an
error when granting edit permissions for a webpage or a module. Versions
prior to DotNetNuke 5.6.3 are vulnerable.
Ref:
http://www.securityfocus.com/bid/48584/discuss
______________________________________________________________________

11.29.21 CVE: Not Available
Platform: Web Application
Title: Ferdows CMS Cross-Site Scripting and Multiple SQL Injection
Vulnerabilities
Description: Ferdows CMS is a web-based application implemented in
ASP.NET. Ferdows CMS is exposed to multiple issues. A
cross-site scripting issue affects the "dataid" parameter of the
"showdata.aspx" script. The application is also exposed to multiple
SQL injection issues. Ferdows CMS Pro 1.1.0 and Ferdows CMS 9.0.5 are
affected.
Ref:
http://www.securityfocus.com/bid/48640/discuss
______________________________________________________________________

11.29.22 CVE: CVE-2011-2064
Platform: Network Device
Title: Cisco Content Services Gateway Malformed ICMP Messages Denial
of Service
Description: Cisco Content Services Gateway is a device used to
monitor network use. Cisco Content Services Gateway is exposed to a
denial of service issue when handling specially crafted ICMP messages.
Second Generation of Content Services Gateway is affected.
Ref:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b86503.shtml
______________________________________________________________________

11.29.23 CVE: Not Available
Platform: Network Device
Title: D-Link DSL-2650U Remote Denial of Service
Description: The D-Link DSL-2650U is an ADSL router with an 802.11g
wireless access point. The Web server running on the device is exposed
to a remote denial of service issue. The issue occurs due to the
improper handling of an overly large string provided to the "diagPrev"
parameter of the "diagpppoe.cgi" script. D-Link DSL-2650U 1.20 is
affected; other versions may also be vulnerable.
Ref:
http://www.securityfocus.com/bid/48612/discuss
______________________________________________________________________

11.29.24 CVE: Not Available
Platform: Network Device
Title: Aruba Networks ArubaOS HTTP Response Splitting and HTML
Injection Vulnerabilities
Description: Aruba OS is an operating system used by various Aruba
Networks network devices, including the Aruba Mobility Controller.
Aruba Networks ArubaOS is exposed to multiple input validation issues.
An HTML injection issue affects the reporting feature of ArubaOS
and AirWave Administration WebUIs. An HTTP response splitting issue
affects the Captive Portal Web Interface. ArubaOS 3.3.X, 3.4.X, 5.0.X,
6.0.X, 2.4.X-FIPS, 3.3.X-FIPS, 3.4.X-FIPS and AirWave 7.2.X are
affected.
Ref:
http://www.securityfocus.com/archive/1/518751
______________________________________________________________________

11.29.25 CVE: Not Available
Platform: Network Device
Title: Ingate Firewall and SIParator SIP Module Remote Denial of
Service
Description: Ingate Firewalls are hardware firewall devices that
support Session Initiation Protocol (SIP) via SIParator SIP-based
communication devices. Ingate Firewall and SIParator are exposed to a
denial of service issue. The issue occurs when processing SIP requests
that contain multiple Transport Layer Security destinations.
Ingate SIParator 4.9.1 and prior are affected.
Ref:
http://www.ingate.com/Relnote.php?ver=492
______________________________________________________________________

11.29.26 CVE: CVE-2011-0549
Platform: Network Device
Title: Symantec Web Gateway Management GUI SQL Injection Vulnerability
Description: Symantec Web Gateway is a web security gateway appliance.
The device is exposed to an SQL injection issue because it fails to
sufficiently sanitize user-supplied data passed to the management GUI.
Versions prior to Symantec Web Gateway 5.0.1 are vulnerable.
Ref:
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110707_00
______________________________________________________________________