Symantec Email Security Line Patched

Monday, August 14, 2017 @ 03:08 PM gHale

Symantec updated its Messaging Gateway email security product to fix multiple vulnerabilities.

The most serious of the security holes, tracked as CVE-2017-6327 and classified as high severity, is a remote code execution flaw discovered by Philip Pettersson.

Attackers Using New Backdoor
Malware at Bargain Price of $7
Backdoor Uses Legit Video App
Companies Held for Ransom: Report

“The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process,” Symantec said in its advisory. “In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.”

The second flaw, rated low severity and identified as CVE-2017-6328, is a cross site request forgery (CSRF) hole identified by Dhiraj Mishra. The security bug allows an attacker to execute commands via a trusted user by getting the victim to access a specially crafted website.

The vulnerabilities affect Symantec Messaging Gateway versions prior to 10.6.3-267, which addresses the issues said users should halt access to administrative and management systems, and run applications with the lowest level of privilege needed.

None of these vulnerabilities have undergone exploitation, Symantec said.

US-CERT released an alert to encourage organizations to review Symantec’s advisory and install the necessary updates.

Leave a Reply

You must be logged in to post a comment.