CVE-2012-1821
https://notcve.org/view.php?id=CVE-2012-1821
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic. El módulo Network Threat Protection en Manager component en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.700x en Windows Server 2003 permite a atacantes remotos causar una denegación de servicio (bloqueo de la aplicación) a través de una inundación de paquetes automatizados. • http://osvdb.org/82147 http://secunia.com/advisories/49221 http://www.kb.cert.org/vuls/id/149070 http://www.securityfocus.com/bid/50358 http://www.securitytracker.com/id?1027092 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00 •
CVE-2012-0289 – Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0289
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script. Desbordamiento de búfer en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.710x y Symantec Network Access Control (SNAC) v11.0.600x hasta v11.0.710x, permite a usuarios locales obtener privilegios, y modificar los datos o causar una denegación de servicio, a través de un script malicioso. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Endpoint Protection. Authentication is not required to exploit this vulnerability. The specific flaw exists within SemSvc.exe which listens by default on TCP port 8443 (https). The SemSvc service exposes a servlet called 'AgentServlet" which allows remote users to activate certain tasks without prior authentication. • https://www.exploit-db.com/exploits/18916 http://www.securityfocus.com/bid/51795 http://www.securitytracker.com/id?1027093 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0550
https://notcve.org/view.php?id=CVE-2011-0550
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS en el Web Interface en el Endpoint Protection Manager en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.6300 permite a atacantes remotos inyectar código script de su elección o HTML a través del (1) token de parámetro portal/Help.jsp o (2) la URI en una petición console/apps/sepm. • http://secunia.com/advisories/43662 http://securitytracker.com/id?1025919 http://www.osvdb.org/74465 http://www.osvdb.org/74466 http://www.securityfocus.com/bid/48231 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/69136 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-0551
https://notcve.org/view.php?id=CVE-2011-0551
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. Vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en Web Interface en el Endpoint Protection Manager en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.6300, permite a atacantes remotos secuestrar la autenticación de los administradores para las peticiones que crean cuentas administrativas. • http://secunia.com/advisories/43662 http://securitytracker.com/id?1025919 http://www.osvdb.org/74467 http://www.securityfocus.com/bid/49101 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00 • CWE-352: Cross-Site Request Forgery (CSRF) •