Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43431
  • Total Topics: 16526
  • Online today: 2972
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2949
Total: 2950









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Samker
« on: 10. August 2014., 09:40:59 »



Get patching, sysadmins, there's a zero-day in Symantec Endpoint Protection (SEP).

This US-CERT advisory: https://www.us-cert.gov/ncas/current-activity/2014/08/04/Local-Privilege-Escalation-Vulnerability-Symantec-Endpoint is alerting anyone who ignored Symatec's note about the issue: http://www.symantec.com/business/support/index?page=content&id=TECH223338

CVE-2014-3434 is a local access vulnerability with a public exploit. A client buffer overflow can cause a blue-screen-of-death on the client, which could also expose the client to unauthorised local privilege escalation.

It affects all builds of SEP client 12.1 and 11.0, and all builds of SEP 12.0 Small Business Edition. Unaffected products are SEP Manager, SEP Endpoint Protection 12.1 Small Business Edition, SEP cloud and Symantec Network Access Control.

The vuln was one of many turned up by Offensive Security in this blog post: http://www.offensive-security.com/vulndev/symantec-endpoint-protection-0day/
Offensive Security says only some of its discoveries have been acted on, and is pimping its talk at Black Hat, at which it will detail the rest.

According to Symantec, the fault is in the sysplant driver, which doesn't properly validate external input. It's part of the SEP client's Application and Device Control component, which means disabling that component will serve as a workaround if you can't patch immediately.

Offensive Security reported the issue to Symantec on 29 July, and an exploit authored by Bradley Sean Susser of Bot24 Inc was published yesterday. Symantec has issued a patch for the issue.

(ElReg)

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023