CVE-2015-1490
https://notcve.org/view.php?id=CVE-2015-1490
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package. Vulnerabilidad en salto de directorio en la consola de administración de Symantec Endpoint Protection Manager (SEPM) 12.1 en versiones anteriores a 12.1-RU6-MP1, permite a usuarios remotos autenticados leer archivos arbitrarios a través de un nombre de ruta relativo en un paquete de instalación del cliente. • http://www.securityfocus.com/bid/76081 http://www.securitytracker.com/id/1033165 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2015-1486 – Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
https://notcve.org/view.php?id=CVE-2015-1486
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session. Vulnerabilidad en la consola de administración de Symantec Endpoint Protection Manager (SEPM) 12.1 en versiones anteriores a 12.1-RU6-MP1, permite a atacantes remotos evadir la autenticación a través de una acción password-reset manipulada que desencadena una nueva sesión administrativa. • https://www.exploit-db.com/exploits/37812 http://www.securityfocus.com/bid/76074 http://www.securitytracker.com/id/1033165 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00 http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/sepm_auth_bypass_rce.rb • CWE-287: Improper Authentication •
CVE-2015-1487 – Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
https://notcve.org/view.php?id=CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename. Vulnerabilidad en la consola de administración de Symantec Endpoint Protection Manager (SEPM) 12.1 en versiones anteriores a 12.1-RU6-MP1, permite a usuarios remotos autenticados escribir en archivos arbitrarios y, por tanto, obtener privilegios de administrador a través de un nombre de archivo manipulado. • https://www.exploit-db.com/exploits/37812 http://www.securityfocus.com/bid/76094 http://www.securitytracker.com/id/1033165 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00 http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/sepm_auth_bypass_rce.rb • CWE-20: Improper Input Validation •
CVE-2015-1489 – Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
https://notcve.org/view.php?id=CVE-2015-1489
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors. Vulnerabilidad en la consola de administración de Symantec Endpoint Protection Manager (SEPM) 12.1 en versiones anteriores a 12.1-RU6-MP1, permite a usuarios remotos autenticados obtener privilegios a través de vectores no especificados. • https://www.exploit-db.com/exploits/37812 http://www.securityfocus.com/bid/76078 http://www.securitytracker.com/id/1033165 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00 http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/sepm_auth_bypass_rce.rb • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-1492
https://notcve.org/view.php?id=CVE-2015-1492
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package. Vulnerabilidad en la ruta de búsqueda no fiable en el cliente de Symantec Endpoint Protection 12.1 en versiones anteriores a 12.1-RU6-MP1, permite a usuarios locales obtener privilegios a través de un Troyano DLL en un paquete de instalación de cliente. • http://www.securityfocus.com/bid/76083 http://www.securitytracker.com/id/1033165 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00 • CWE-20: Improper Input Validation •