PineApp Mail-SeCure confnetworking.html nsserver command execution
Added: 11/25/2013CVE: CVE-2013-6830
BID: 63817
OSVDB: 100029
Background
PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection.Problem
A vulnerability in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands contained in the nsserver parameter in a request for the confnetworking.html script.Resolution
Restrict access to ports 7080 and 7443.References
http://www.exploit-db.com/exploits/29734/Limitations
Exploit requires wget to be installed on the target system.Platforms
LinuxBack to exploit index