Kaspersky Secure Mail Gateway Multiple Security Vulnerabilities

Kaspersky Secure Mail Gateway is prone to the following multiple security vulnerabilities:

1. A cross-site request-forgery vulnerability
2. An arbitrary command-execution vulnerability.
3. A local privilege-escalation vulnerability
4. A cross-site scripting vulnerability
Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, obtain sensitive information, execute command with root privileges, and perform unauthorized actions. Failed exploits can result in a denial-of-service condition.

Secure Mail Gateway 1.1.0.379 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 102910
Class: Input Validation Error
CVE:
Remote: Yes
Local: Yes
Published: Feb 01 2018 12:00AM
Updated: Feb 01 2018 12:00AM
Credit: Leandro Barragan from Core Security Consulting Services
Vulnerable: Kaspersky Secure Mail Gateway 1.1.0.379

Not Vulnerable: Kaspersky Secure Mail Gateway 1.1 MR1

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

• Kaspersky Home Page (Kasperksy)
  
• Advisory issued on 1st February, 2018 (Kaspersky)
  
• Kaspersky Secure Mail Gateway Multiple Vulnerabilities (CORE Security)
  

Source: www.securityfocus.com