Ensure that applications are isolated from one another and from sensitive data in the database through separate user accounts and restrictive ACL configurations. Follow a multi-layered approach to security. Allow only trusted individuals to have user accounts and local access to the resources. Symantec Endpoint Protection Manager is prone to a local buffer-overflow vulnerability. A successful exploitation is possible when using audit tools to aggressively scan the targeted Symantec Endpoint Protection Manager host. Run both firewall and anti-malware applications, at a minimum, to provide multiple points of detection and protection to both inbound and outbound threats. 
| Uploader: | Nibar |
| Date Added: | 13 February 2017 |
| File Size: | 43.26 Mb |
| Operating Systems: | Windows NT/2000/XP/2003/2003/7/8/10 MacOS 10/X |
| Downloads: | 41374 |
| Price: | Free* [*Free Regsitration Required] |
Let us know if you have additional comments below. Symantec Response Symantec product engineers verified the reported issues.
A local attacker may exploit this issue to execute arbitrary code with escalated privileges. Symantec Endpoint Protection Manager is prone to a local buffer-overflow vulnerability.
Versions of Symantec Endpoint Protection Manager Thanks for your additional feedback!!! Modify default ACL settings.
Restrict access to administration or management systems to privileged users. Follow a multi-layered approach to security.
Product guides for all versions of Symantec Network Access Control
Deploy network and symanyec intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. Keep all operating systems and applications updated with the latest vendor patches. A successful exploitation is possible when using audit tools to aggressively scan the targeted Symantec Endpoint Protection Manager host.
All product names, logos, and brands are property of their respective owners. Implement database access control to limit the immediate impact of such vulnerabilities on the data m2 the database and possibly the database itself.
Allow only trusted individuals to have user accounts and local access to the resources. Related Products Endpoint Protection Thanks for your feedback. Was this Article Helpful? This may aid in detection of attacks or malicious activity related to exploitation of latent vulnerabilities. This can lead the server to stop serving pages and in some instances can cause excessive resource use symqntec can lead to a hang or crash of the server. All releases of SEP Use of these names, logos, and brands does not imply endorsement.
Rh7 Practices As part of normal best practices, Symantec strongly recommends: Subscribed to the Article. Permit privileged access for trusted individuals only. Please see the references or vendor advisory for more information. Service Pack 2 and below. Ensure that applications are isolated from one another and from sensitive symwntec in the database through separate user accounts and restrictive ACL configurations.
Article Page
If you are an owner of some content and want it to be removed, please mail to content vulners. This will clear the history and restart the chat.
Successful exploitation could potentially result in the system hosting Symantec Endpoint Protection Manager becoming unresponsive to IIS-based web server requests until restarted. Symantec engineers fixed the issues in Symantec Endpoint Protection This issue does not impact the security of the Symantec Endpoint Manager, only the availability of symanhec web server symante.
All company, product and service names used in this website are for identification purposes only. Run under the principle of least privilege where possible to limit the impact of exploit by threats.
No comments:
Post a Comment