CVSS: 5.0EPSS: 1%CPEs: 10EXPL: 0CVE-2012-1821
https://notcve.org/view.php?id=CVE-2012-1821
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic. El módulo Network Threat Protection en Manager component en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.700x en Windows Server 2003 permite a atacantes remotos causar una denegación de servicio (bloqueo de la aplicación) a través de una inundación de paquetes automatizados. • http://osvdb.org/82147 http://secunia.com/advisories/49221 http://www.kb.cert.org/vuls/id/149070 http://www.securityfocus.com/bid/50358 http://www.securitytracker.com/id?1027092 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00 •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 2CVE-2012-0289 – Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0289
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script. Desbordamiento de búfer en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.710x y Symantec Network Access Control (SNAC) v11.0.600x hasta v11.0.710x, permite a usuarios locales obtener privilegios, y modificar los datos o causar una denegación de servicio, a través de un script malicioso. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Endpoint Protection. Authentication is not required to exploit this vulnerability. The specific flaw exists within SemSvc.exe which listens by default on TCP port 8443 (https). The SemSvc service exposes a servlet called 'AgentServlet" which allows remote users to activate certain tasks without prior authentication. • https://www.exploit-db.com/exploits/18916 http://www.securityfocus.com/bid/51795 http://www.securitytracker.com/id?1027093 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •