Title: Symantec Enterprise Security Manager Remote Upgrade Remote Code Execution Vulnerability
Severity: CRITICAL
Description:
Symantec Enterprise Security Manager (ESM) is an application that automates the discovery of vulnerabilities and deviations in the security policies of mission-critical ebusiness applications and servers across the enterprise from a single location. The application is available for various operating systems.
Symantec ESM is prone to a remote code-execution vulnerability because it does not verify that upgrades are from trusted sources. Specifically, the ESM agent accepts remote upgrade requests from any entity that understands the upgrade protocol. An attacker with knowledge of the agent protocol may exploit this issue to take complete control of the host computer.
A successful exploit will allow attacker-supplied input to execute with administrative privileges. This may facilitate a complete system compromise.
Affected Products:
- Symantec Enterprise Security Manager 5.5.3
- Symantec Enterprise Security Manager 6.0
- Symantec Enterprise Security Manager 6.5
- Symantec Enterprise Security Manager 6.5.1
- Symantec Enterprise Security Manager 6.5.2
References:
- Symantec: SYM07-003: Symantec Enterprise Security Manager Remote Upgrade Authentication By
- Symantec: Symantec Enterprise Security Manager Product Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
