PineApp Mail-SeCure ldapsyncnow.php command injection

Added: 08/14/2013
BID: 61474
OSVDB: 95781

Background

PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection.

Problem

A vulnerability in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands contained in the shell_command parameter in a request for the ldapsyncnow.php script.

Resolution

Restrict access to ports 7080 and 7443.

References

http://www.zerodayinitiative.com/advisories/ZDI-13-185/

Limitations

Exploit works on PineApp Mail-SeCure 3.70 running on PineApp Linux 3.0.53.

Platforms

Linux

Back to exploit index