Symantec Endpoint Protection Bug Lets Remote Authenticated Users Deny Service
|
|
SecurityTracker Alert ID: 1027092 |
|
SecurityTracker URL: http://securitytracker.com/id/1027092
|
|
CVE Reference:
CVE-2012-1821
(Links to External Site)
|
Date: May 23 2012
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 11.0 RU6(11.0.600x), 11.0 RU6-MP1(11.0.610x), 11.0 RU6-MP2(11.0.620x), 11.0 RU6-MP3(11.0.630x), 11.0 RU7(11.0.700x), 11.0 RU7 MP1 (11.0.710x)
|
Description:
A vulnerability was reported in Symantec Endpoint Protection. A remote authenticated user can cause denial of service conditions.
A remote authenticated user can conduct network scans of the target Symantec Endpoint Protection Manager host to cause the target Network Threat Protection module to block all traffic to the server.
This may cause the server to stop serving pages. In some cases, the server may consume excessive resources and hang or crash.
Clear Skies Security reported this vulnerability via CERT/CC.
|
Impact:
A remote authenticated user can cause the target Symantec Endpoint Protection Manager becoming unresponsive to IIS-based web server requests.
|
Solution:
The vendor has issued a fix (SEP 11 RU7 MP2).
The vendor's advisory is available at:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00
|
Vendor URL: www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00 (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Windows (2003)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 23 May 2012 22:58:27 +0000
Subject: Symantec Endpoint Protection
|
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00
CVE-2012-1821
|
|
