SWG vulnerabilities

Created: 11 January 2013 | 5 comments
Atif

Hi Guys,

During scanning with Symantec CCS-VM (Vulnerability Manager), we found the following vulnerabilities on Symantec Web Gateway. I believe the Critical ones are due to the fact that RA (Remote Assistance) is enabled. Would like to hear from the experts how these vulnerabilities can be addressed.



| Vulnerability | Severity | Instances |
|---|---|---|
| Back Orifice Backdoor Installed | Critical | 1 |
| 'rexec' Remote Execution Service Enabled | Critical | 1 |
| 'rlogin' Remote Login Service Enabled | Critical | 1 |
| 'rsh' Remote Shell Service Enabled | Critical | 1 |
| VNC remote control service installed | Critical | 1 |
| X.509 Certificate Subject CN Does Not Match the Entity Name | Severe | 1 |
| Cross Site Scripting Vulnerability | Severe | 1 |
| Database Open Access | Severe | 1 |
| Missing HttpOnly Flag From Cookie | Severe | 2 |
| Missing Secure Flag From SSL Cookie | Severe | 1 |
| TCP Sequence Number Approximation Vulnerability | Severe | 1 |
| Autocomplete enabled for sensitive HTML form fields | Severe | 1 |
| Self-signed TLS/SSL certificate | Severe | 1 |
| Apache httpd mod_imap XSS (CVE-2007-5000) | Severe | 1 |
| Weak Cryptographic Key | Moderate | 1 |
| ICMP timestamp response | Moderate | 1 |

SMLatCST

"Thumbs Up" to this thread.  I'd also be curious about the results for this...

Were these vulnerabilities discovered on the MGMT or LAN interface (or both)?

Atif

These are the combined vulnerabilities for both the LAN and MGMT interfaces.

Mike Buckley

Anybody that's run a pen test against SWG will see results like this.  If you raise a support case with Symantec they will address them for you.  In our case, of the two we reported, one was a false positive (Nessus assumed a vulnerability due to a reported version number, but Symantec had addressed the patch themselves) and the one we did find (actually in the list above) is receiving attention from Symantec and will be addressed in an upcoming release.

Slightly ironic that CCS-VM finds these, I'm due to run that in an environment with SWGs in place so I'll look out for this.

Symantec Corp.

Symantec is currently investigating this issue to determine the validity of these findings. We will provide additional information as soon as we’re able.

Atif

Thanks. We will be waiting for Symantec's response on this.