Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
19 September 2013
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 126.96.36.199 and 3.8 before 188.8.131.52 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
As organizations plan for the future, and how security has to operate within their business, they now have to worry about the IoT. Geoff Webb, Director of Solution Strategy at NetIQ, discusses the implications and likely impact of the Internet of Things.