December 22, 2005
Symantec ESM 6.5 Network Assessment Security Updates


Download the cumulative Symantec ESM Network Assessment Release Notes (PDF)


This update for Symantec ESM Network Assessment detects and reports 54 additional vulnerabilities.

As of this release, security exposures have been added to the Network Assessment module. A new Network Assessment template, exposure.net, can be enabled to check for security exposures.

Use the LiveUpdate feature of Symantec ESM Network Assessment to download this security update.

Additional vulnerabilities

Bugtraq ID	Vulnerability name
1548		Apache Jakarta-Tomcat /admin Context Vulnerability
2518		Apache Tomcat 3.0 Directory Traversal Vulnerability
1531		Apache Tomcat 3.1 Path Revealing Vulnerability
5194		Apache Tomcat DOS Device Name Cross Site Scripting Vulnerability
13756		Apache Tomcat Java Security Manager Bypass Vulnerability
8824		Apache Tomcat Non-HTTP Request Denial Of Service Vulnerability
12795		Apache Tomcat Remote Malformed Request Denial Of Service Vulnerability
15325		Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
1532		Apache Tomcat Snoop Servlet Information Disclosure Vulnerability
3542		Cisco Access Control List Fragment Keyword Ignored Vulnerability
53		Cisco Access List Vulnerability
8290		Cisco Aironet AP1x00 Malformed HTTP GET Denial Of Service Vulnerability
8292		Cisco Aironet Telnet Service User Account Enumeration Weakness
6059		Cisco AS5350 Universal Gateway Portscan Denial Of Service Vulnerability
10186		Cisco Internet Operating System SNMP Message Processing Denial Of Service Vulnerability
4947		Cisco IOS 12.1 Large TCP Scan Denial of Service Vulnerability
14092		Cisco IOS AAA RADIUS Authentication Bypass Vulnerability
10560		Cisco IOS Border Gateway Protocol Denial Of Service Vulnerability
12370		Cisco IOS Border Gateway Protocol Processing Remote Denial Of Service Vulnerability
11649		Cisco IOS DHCP Input Queue Blocking Denial Of Service Vulnerability
13031		Cisco IOS Easy VPN Server XAUTH Authentication Bypass Vulnerability
14770		Cisco IOS Firewall Authentication Proxy Buffer Overflow Vulnerability
14414		Cisco IOS IPv6 Processing Arbitrary Code Execution Vulnerability
12368		Cisco IOS IPv6 Processing Remote Denial Of Service Vulnerability
12369		Cisco IOS Multi Protocol Label Switching Remote Denial Of Service Vulnerability
10971		Cisco IOS OSPF Remote Denial Of Service Vulnerability
13042		Cisco IOS Secure Shell Server Memory Leak Denial Of Service Vulnerability
13043		Cisco IOS Secure Shell Server V2 Remote Denial Of Service Vulnerability
15275		Cisco IOS System Timers Heap Buffer Overflow Exploitation
13033		Cisco IOS Unauthorized Security Association Establishment Vulnerability
15401		Cisco IPSec Unspecified IKE Traffic Denial Of Service Vulnerabilities
4948		Cisco Malformed HSRP Traffic Denial of Service Vulnerability
4132		Cisco Malformed SNMP Message Denial of Service Vulnerabilities
6358		Cisco OSM Line Cards Denial Of Service Vulnerability
690		Cisco PIX and CBAC Fragmentation Attack
4949		Cisco Spoofed HSRP Loopback Denial Of Service Vulnerability
5041		Cisco uBR7200 / uBR7100 Universal Broadband Routers DOCSIS MIC Bypass Vulnerability
5030		Cisco View-based Access Control MIB SNMP Walk Read-Write Password Revealing Vulnerability
3199		Jakarta Tomcat Error Message Information Disclosure Vulnerability
15827		Microsoft Internet Explorer COM Object Instantiation Memory Corruption Vulnerability
15823		Microsoft Internet Explorer Dialog Manipulation Vulnerability
15825		Microsoft Internet Explorer HTTPS Proxy Information Disclosure Vulnerability
13799		Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution Vulnerability
15826		Microsoft Windows Asynchronous Procedure Call Local Privilege Escalation Vulnerability
9406		Multiple Vendor H.323 Protocol Implementation Vulnerabilities
986		Multiple Vendor SNMP World Writeable Community Vulnerability
6408		Multiple Vendor SSH2 Implementation Empty Elements / Multiple Separator Vulnerabilities
6405		Multiple Vendor SSH2 Implementation Incorrect Field Length Vulnerabilities
6410		Multiple Vendor SSH2 Implementation Null Character Handling Vulnerabilities
2682		Multiple Vendor TCP Initial Sequence Number Statistical Vulnerability
2527		Multiple Vendor URL JSP Request Source Code Disclosure Vulnerability
8970		OpenSSL ASN.1 Large Recursion Remote Denial Of Service Vulnerability
2344		PKCS #1 Version 1.5 Session Key Retrieval Vulnerability
1294		TACACS+ Protocol Flaws Vulnerabilities

Initial Post on: Thursday, 22-Dec-05 12:10:00
Last modified on: Wednesday, 19-Apr-06 17:43:58