CREATOR,CREATION_TIME,USN,TIME_STAMP,DELETED+from+SEM_CLIENT
Both require authentication. The latter does also require a request
signature REQUESTSIG, which is based on the requested parameters and a
hard-coded key.
--
Markus Wulftange
Senior Penetration Tester
Code White GmbH
Magirus-Deutz-Straß
address the issues.
For a full disclosure of some of the vulnerabilities, see:
http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html
--
Markus Wulftange
Senior Penetration Tester
Code White GmbH
Magirus-Deutz-Straße 18
89077 Ulm
E-Mail markus.wulfta...@code-white.com
