Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012
CVE: CVE-2012-3579
BID: 55143
OSVDB: 85028

Background

Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection.

Problem

Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be used to login remotely to the SSH service, and then gain privileged access.

Resolution

Upgrade to Symantec Messaging Gateway 10.0 or higher.

References

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00

Limitations

Exploit works against Symantec Messaging Gateway 9.5.3-3 on platform CentOS Project CentOS 5.0 with Exec-Shield Enabled.

The OpenSSH client must be installed on the SAINTexploit host.

Platforms

Linux

Back to exploit index