[原文]The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: email@example.com.
NAI WebShield SMTP GET_CONFIG Information Disclosure
Remote / Network Access
Loss of Confidentiality
WebShield SMTP contains a flaw that allows a remote attacker to obtain configuration information from the product. The issue is due to the GET_CONFIG command requiring no authentication. If an attacker connects to port 9999 and issues this command, the system will display all of the WebShield configuration options which may allow more focused attacks.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds:
1. Run the service as a restricted user, not with SYSTEM privileges.
2. Use access controls to restrict access to port 9999