Do you have example requests for the SQL injections?
> On Jul 31, 2015, at 7:40 AM, Markus Wulftange > <markus.wulfta...@code-white.com> wrote: > > Code White found several vulnerabilities in Symantec Endpoint Protection > (SEP), affecting versions 12.1 prior to 12.1 RU6 MP1. > > SEP Manager (SEPM): > > * CVE-2015-1486: Authentication Bypass > * CVE-2015-1487: Arbitrary File Write > * CVE-2015-1488: Arbitrary File Read > * CVE-2015-1489: Privilege Escalation > * CVE-2015-1490: Path Traversal > * CVE-2015-1491: SQL Injection > > SEP clients: > > * CVE-2015-1492: Binary Planting > > Official Symantec advisory SYM15-007: > > https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00 > > > An exploitation of these vulnerabilities effectively allow an > unauthenticated remote attacker the full compromise of both the SEPM > server as well as SEP clients running Windows. This can result in a full > compromise of an enterprise Windows domain. > > Symantec provided the update 12.1 RU6 MP1 to address the issues. > > > For a full disclosure of some of the vulnerabilities, see: > > http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html > > > -- > Markus Wulftange > Senior Penetration Tester > > Code White GmbH > Magirus-Deutz-Straße 18 > 89077 Ulm > > E-Mail markus.wulfta...@code-white.com > PGP C6D6 C18B BAB9 0089 6942 213D 7772 8552 E9F8 6F39 > > http://www.code-white.com > > Code White GmbH > Sitz und Registergericht/Domicile and Register Court: Stuttgart, > HRB-Nr./Commercial Register No.: 749152 > Geschäftsführung/Management: Dr. Helmut Mahler, Andreas Melzner, Lüder > Sachse > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
