Symantec Endpoint Protection Multiple Vulnerabilities

Last Update Date: 24 May 2012 11:05 Release Date: 24 May 2012 4493 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in Symantec Endpoint Protection, which can be exploited by a remote user to cause remote code execution, denial of service and elevation of privilege.

  1. A remote authenticated user can conduct network scans of the target Symantec Endpoint Protection Manager host to cause the target Network Threat Protection module to block all traffic to the server. The host becomes unresponsive to IIS-based web server requests.
  2. A remote user can exploit a flaw in a service on the target Manager console to traverse the directory and delete files on the target system.
  3. A remote user can then insert and execute arbitrary code with System privileges.
  4. A local user can trigger a buffer overflow in a function on Symantec Network Access Control and Symantec Endpoint Protection to execute arbitrary code on the target system with elevated privileges.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Data Manipulation

System / Technologies affected

  • Versions prior to 11 RU7 MP2 or 12.1 RU1-MP1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix (SEP 11 RU7 MP2 and SEP 12.1 RU1-MP1).

Vulnerability Identifier

Source

Related Link

Share with

Previous

Novell iPrint Server `attributes-natural-language´ Buffer Overflow Vulnerability

3 Feb 2012 4792 Views

Next

Google Chrome Multiple Vulnerabilities

25 May 2012 4549 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY