Added: 10/02/2012
CVE: CVE-2012-3579
BID: 55143
OSVDB: 85028
Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection.
Symantec Messaging Gateway versions before 10.0 have a default password for the “support” account, which can be used to log in remotely to the SSH service and then gain privileged access.
Upgrade to Symantec Messaging Gateway 10.0 or higher.
[http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00](<http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00>)
The exploit works against Symantec Messaging Gateway 9.5.3-3 on platform CentOS Project CentOS 5.0 with Exec-Shield enabled.
The OpenSSH client must be installed on the SAINTexploit host.
Linux