Computer Security
[EN] securityvulns.ru no-pyccku


Symantec Messaging Gateway backdoor
updated since 02.09.2012
Published:19.09.2012
Source:
SecurityVulns ID:12554
Type:remote
Threat Level:
6/10
Description:User 'support' with known insecure password is available by default.
Affected:SYMANTEC : Symantec Messaging Gateway 9.5
CVE:CVE-2012-3579 (Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.)
Original documentdocumentNCC Group Research, NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account (19.09.2012)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20120829-0 :: Symantec Messaging Gateway - Support Backdoor (02.09.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod