Symantec Hit with Multiple Vulnerabilities

Friday, August 12, 2011 @ 12:08 PM gHale

Multiple vulnerabilities are in security software provider’s Symantec Endpoint Protection Manager, which an attacker can exploit to conduct cross-site scripting and request forgery attacks, said officials at security provider Secunia.

RELATED STORIES
Siemens PLC Analysis Report
ICS, SCADA Security Boot Camp
SCADA Hacking via Search Engines
Insider Threat to Utilities

The following are vulnerabilities and what can occur:
1. Input appended to the URL after/console/apps/sepm does not undergo sanitation before returning to the user. A hacker can exploit this to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
2. Input passed via the “token” parameter to portal/Help.jsp does not undergo sanitation before returning to the user. An attacker can exploit this to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
3. The portal application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. An attacker can exploit this to e.g. add an administrative user by tricking a logged in administrator into visiting a malicious web site.

Officials confirmed the vulnerabilities in version 11.0.6 Maintenance Patch 2 (11.0.6200.754). Other versions may also have the same vulnerabilities.



Leave a Reply

You must be logged in to post a comment.