lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 1 Aug 2015 10:20:28 -0500
From: Brandon Perry <bperry.volatile@...il.com>
To: Markus Wulftange <markus.wulftange@...e-white.com>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] Symantec Endpoint Protection

Do you have example requests for the SQL injections?


> On Jul 31, 2015, at 7:40 AM, Markus Wulftange <markus.wulftange@...e-white.com> wrote:
> 
> Code White found several vulnerabilities in Symantec Endpoint Protection
> (SEP), affecting versions 12.1 prior to 12.1 RU6 MP1.
> 
> SEP Manager (SEPM):
> 
> * CVE-2015-1486: Authentication Bypass
> * CVE-2015-1487: Arbitrary File Write
> * CVE-2015-1488: Arbitrary File Read
> * CVE-2015-1489: Privilege Escalation
> * CVE-2015-1490: Path Traversal
> * CVE-2015-1491: SQL Injection
> 
> SEP clients:
> 
> * CVE-2015-1492: Binary Planting
> 
> Official Symantec advisory SYM15-007:
> 
> https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00
> 
> 
> An exploitation of these vulnerabilities effectively allow an
> unauthenticated remote attacker the full compromise of both the SEPM
> server as well as SEP clients running Windows. This can result in a full
> compromise of an enterprise Windows domain.
> 
> Symantec provided the update 12.1 RU6 MP1 to address the issues.
> 
> 
> For a full disclosure of some of the vulnerabilities, see:
> 
> http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html
> 
> 
> --
> Markus Wulftange
> Senior Penetration Tester
> 
> Code White GmbH
> Magirus-Deutz-Straße 18
> 89077 Ulm
> 
> E-Mail markus.wulftange@...e-white.com
> PGP    C6D6 C18B BAB9 0089 6942 213D 7772 8552 E9F8 6F39
> 
> http://www.code-white.com
> 
> Code White GmbH
> Sitz und Registergericht/Domicile and Register Court: Stuttgart,
> HRB-Nr./Commercial Register No.: 749152
> Geschäftsführung/Management: Dr. Helmut Mahler, Andreas Melzner, Lüder
> Sachse
> 
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/


Download attachment "signature.asc" of type "application/pgp-signature" (843 bytes)


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ