McAfee WebShield UI mui Directory Traversal (SB10026)

Medium severity, Nessus Plugin ID 59112

Synopsis

An application hosted on the remote web server is affected by a directory traversal vulnerability.

Description

The version of the McAfee WebShield UI hosted on the remote web server is affected by a directory traversal vulnerability. Input passed in the query string to /cgi-bin/mui is not properly sanitized. A remote, unauthenticated attacker can exploit this to read arbitrary files with the privileges of the apache user.

Solution

Apply the relevant hotfix specified in McAfee Security Bulletin SB10026.

See Also

https://www.tenable.com/security/research/tra-2012-17

https://kc.mcafee.com/corporate/index?page=content&id=SB10026

Plugin Details

Severity: Medium

ID: 59112

File Name: mcafee_webshield_mui_dir_traversal.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 5/16/2012

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2012-4596

Vulnerability Information

CPE: cpe:/a:mcafee:email_and_web_security, cpe:/a:mcafee:email_gateway

Required KB Items: www/mcafee_webshield

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/8/2012

Vulnerability Publication Date: 5/8/2012

Exploitable With

Elliot (McAfee Email Gateway 7.0 File Disclosure)

Reference Information

CVE: CVE-2012-4596

BID: 55184

MCAFEE-SB: SB10026

TRA: TRA-2012-17