Network Associates WebShield SMTP Configuration Modification Vulnerability

By default, Network Associates WebShield SMTP runs the management agent on port 9999. A remote user may gain access to this agent and modify the configuration of WebShield SMTP simply by connecting to this particular port. Issuing the command "GET_CONFIG<CR>" will return the current configuration. The management agent grants access based on a list of authorized hostnames, but will grant access to any IP adress which cannot be resolved to a hostname (WINS, DNS, netbios) even if 'MailCfg' is set to only allow configuration from localhost.


 

Privacy Statement
Copyright 2010, SecurityFocus