TITLE:
Symantec Security Information Manager Authentication Bypass
SECUNIA ADVISORY ID:
SA20647
VERIFY ADVISORY:
http://secunia.c
om/advisories/20647/
CRITICAL:
Less critical
IMPACT:
Security Bypass
WHERE:
Local system
OPERATING SYSTEM:
Symantec Security Information Manager 4.x
http://secunia.com/
product/10472/
DESCRIPTION:
A vulnerability has been reported in Symantec Security
Information
Manager, which can be exploited by malicious, local users to
bypass
certain security restrictions.
The vulnerability is caused due to an input validation error
in
the
M4 Macro Library when transforming raw rule definitions into
java
code that can be executed by the rule-engine. This can be
exploited
via specially crafted rules to obtain shell access with
privileges of
the "sesuser" user during M4 transformation.
The vulnerability has been reported in version 4.0.2.
SOLUTION:
Update to version 4.0.2.29 HOTFIX 1.
http://ww
w.symantec.com/techsupp/enterprise
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
http://securityresponse.symantec.
com/avcenter/security/Content/2006.06.13b.html
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|