Symantec Endpoint Protection Multiple Vulnerabilities
Last Update Date:
24 May 2012 11:05
Release Date:
24 May 2012
4997
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities have been identified in Symantec Endpoint Protection, which can be exploited by a remote user to cause remote code execution, denial of service and elevation of privilege.
- A remote authenticated user can conduct network scans of the target Symantec Endpoint Protection Manager host to cause the target Network Threat Protection module to block all traffic to the server. The host becomes unresponsive to IIS-based web server requests.
- A remote user can exploit a flaw in a service on the target Manager console to traverse the directory and delete files on the target system.
- A remote user can then insert and execute arbitrary code with System privileges.
- A local user can trigger a buffer overflow in a function on Symantec Network Access Control and Symantec Endpoint Protection to execute arbitrary code on the target system with elevated privileges.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Data Manipulation
System / Technologies affected
- Versions prior to 11 RU7 MP2 or 12.1 RU1-MP1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (SEP 11 RU7 MP2 and SEP 12.1 RU1-MP1).
Vulnerability Identifier
Source
Related Link
Share with