CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS
Percentile
44.4%
According to the self-reported version of the Web UI on the remote McAfee Email Gateway appliance, it is potentially affected by an unspecified command injection vulnerability. Exploitation could lead to arbitrary code execution.
Note that Nessus has not checked for the presence of a patch so this finding may be a false positive.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(70785);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-6349");
script_bugtraq_id(63544);
script_xref(name:"MCAFEE-SB", value:"SB10057");
script_name(english:"McAfee Email Gateway Appliance 7.x Unspecified Command Injection (SB10057)");
script_summary(english:"Checks version of McAfee Email Gateway");
script_set_attribute(
attribute:"synopsis",
value:
"The remote host is potentially affected by an unspecified command
injection vulnerability."
);
script_set_attribute(
attribute:"description",
value:
"According to the self-reported version of the Web UI on the remote
McAfee Email Gateway appliance, it is potentially affected by an
unspecified command injection vulnerability. Exploitation could lead to
arbitrary code execution.
Note that Nessus has not checked for the presence of a patch so this
finding may be a false positive."
);
script_set_attribute(attribute:"see_also", value:"https://kc.mcafee.com/corporate/index?page=content&id=SB10057");
script_set_attribute(attribute:"solution", value:"Apply MEG 7.0.4 or 7.5.1 or refer to the vendor for a workaround.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/15");
script_set_attribute(attribute:"patch_publication_date", value:"2012/10/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/07");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mcafee:email_gateway");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_dependencies("mcafee_webshield_web_ui_detect.nasl");
script_require_keys("Settings/ParanoidReport", "www/mcafee_webshield");
script_require_ports("Services/www", 443, 10443);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("webapp_func.inc");
include("http.inc");
port = get_http_port(default:10443);
install = get_install_from_kb(appname:'mcafee_webshield', port:port, exit_on_fail:TRUE);
ver = install['ver'];
dir = install['dir'];
url = build_url(qs:dir, port:port);
if (isnull(ver) || ver == '' || ver !~ '^([0-9]|[0-9][0-9.]*[0-9])$')
exit(0, 'No usable version information available for McAfee Email Gateway Web UI on port ' + port + '.');
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# matches 7.0.0-7.0.3 and 7.5.0
if (ver =~ "^7(\.0(\.[0-3])?)?$" || ver =~ "^7(\.5(\.0)?)?$")
{
if (report_verbosity > 0)
{
report =
'\n URL : ' + url +
'\n Installed version : ' + ver +
'\n';
security_hole(port:0, extra:report);
}
else security_hole(0);
}
else audit(AUDIT_OS_RELEASE_NOT, "McAfee Email Gateway", "7.0 - 7.0.3 or 7.5", ver);