Описание
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-2203
- https://www.exploit-db.com/exploits/39715
- http://packetstormsecurity.com/files/136758/Symantec-Brightmail-10.6.0-7-LDAP-Credential-Grabber.html
- http://www.securityfocus.com/bid/86137
- http://www.securitytracker.com/id/1035609
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160418_00
Связанные уязвимости
CVSS3: 7.8
nvd
почти 10 лет назад
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.