PineApp Mail-SeCure test_li_connection.php Command Injection

Added: 08/08/2013
BID: 61477
OSVDB: 95782

Background

PineApp Mail-SeCure is an e-mail security appliance that provides perimeter protection, stopping threats before they enter the customer's network, as well as post-perimeter anti-spam content inspection.

Problem

PineApp Mail-SeCure is vulnerable to arbitrary command injection because the test_li_connection.php component fails to properly sanitize user-supplied data. An unauthenticated remote attacker could leverage this vulnerability to execute arbitrary code with root privileges.

Resolution

Contact the vendor for an update when one becomes available. In the interim, restrict access to ports 7443 and 7080 of the PineApp device or VM to those machines which have a legitimate need to access the PineApp software directly.
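
A detection check to pair with the access restriction above, as an added example that is not part of the original advisory: it flags web-log requests for test_li_connection.php that come from clients outside the management network. The Common Log Format layout, the allowlisted network, the /placeholder/ directory and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: only this management network should reach ports 7443/7080.
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
VULNERABLE_PAGE = "test_li_connection.php"  # component named in the advisory

# Assumption: Common/Combined Log Format (client IP first, quoted request line).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

def is_allowed(ip_text):
    """True only if the client address parses and sits in an allowed network."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # unparseable client field is treated as untrusted
    return any(ip in net for net in ALLOWED_NETS)

def find_suspect_requests(lines):
    """Return (timestamp, client, method, status) for hits from outside the allowlist."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        # Match on the decoded file name only: ignore query string, case and directory.
        path = unquote(m.group("target").split("?", 1)[0]).lower()
        if path.rsplit("/", 1)[-1] != VULNERABLE_PAGE:
            continue
        if not is_allowed(m.group("ip")):
            hits.append((m.group("ts"), m.group("ip"), m.group("method"), m.group("status")))
    return hits

# Constructed sample lines, not captured from a real appliance.
SAMPLE_LOG = [
    '10.20.0.15 - - [08/Aug/2013:10:01:02 +0000] "GET /placeholder/test_li_connection.php HTTP/1.1" 200 312',
    '203.0.113.50 - - [08/Aug/2013:10:05:44 +0000] "GET /placeholder/test_li_connection.php?x=1 HTTP/1.1" 200 298',
    '203.0.113.50 - - [08/Aug/2013:10:05:50 +0000] "GET /index.php HTTP/1.1" 200 1024',
    '198.51.100.7 - - [08/Aug/2013:11:12:00 +0000] "POST /placeholder/Test_LI_Connection.php HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for ts, ip, method, status in find_suspect_requests(SAMPLE_LOG):
        print(f"{ts} {ip} {method} -> {status}")
```

Any hit is worth triage, since the page is reachable without authentication; a 200 status from an outside address also shows the port restriction is not yet in effect.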

References

http://www.zerodayinitiative.com/advisories/ZDI-13-188/
http://secunia.com/advisories/54342/

Limitations

This exploit has been tested against PineApp Mail-SeCure 3.70 on PineApp Linux 3.0.53.

The Perl module MIME::Base64 is required to run the exploit.

Platforms

Linux
