21 August 2006
Symantec Enterprise Security Manager™ Race Condition Fix

Overview
Symantec Enterprise Security Manager is susceptible to a race condition that can cause the application to lock up, resulting in a denial-of-service.

Details
A specially crafted invalid request can be sent to the manager server to simulate an ESM agent. This causes both the ESM manager and ESM agent to lock up, resulting in a denial-of-service. This issue affects all versions of ESM managers and agents. Manager and agent restarts are required to recover from an attack.

To date, Symantec is not aware of any reported attempts to exploit this vulnerability.

Symantec response
Symantec has released downloadable automated and manual fixes for most supported ESM managers and agents (see the list below). The fixes and complete instructions for automatically updating ESM agents and manually updating ESM managers and agents can be downloaded here:

ESM 6.0 Race Condition Fix

ESM 6.5 Race Condition Fix

Symantec Enterprise Security Manager Denial-of-Service Fix Update Guide

NOTE: The packages listed above replace those posted on August 22, 2006 at 6:30 PM (Pacific Standard Time). The new packages include updated agents with correct version numbers. More detailed information is available in the Symantec Enterprise Security Manager Denial-of-Service Fix Update Guide.

All other supported ESM platforms will have fixes available upon request. Please contact your sales representative to issue a request.

Vulnerable Products
The following supported ESM agent and manager platform updates are available for immediate download (see above). The tables below also list the location of each update file after it is extracted from the archive.

| ESM version | ESM agent platform | ESM agent update file |
|---|---|---|
| 6.0 | Windows XP Professional SP2 (x86) | ESM60RaceConditionFix\agent\wxp-ix86\esmagent.exe |
| 6.0 | Windows Server 2003 Standard Edition SP1 (x86) | ESM60RaceConditionFix\agent\w3s-ix86\esmagent.exe |
| 6.0 | Windows Server 2003 Enterprise Edition SP1 (x86) | ESM60RaceConditionFix\agent\w3s-ix86\esmagent.exe |
| 6.0 | Windows 2000 (Professional, Server, Advanced Server) | ESM60RaceConditionFix\agent\w2k-ix86\esmagent.exe |
| 6.0 | Windows NT 4.0 | ESM60RaceConditionFix\agent\nt-ix86\esmagent.exe |
| 6.0 | Solaris 2.9 (SPARC) | ESM60RaceConditionFix\agent\solaris-sparc\esmd |
| 6.0 | AIX (4.3.1, 4.3.3, 5.1, 5.2) | ESM60RaceConditionFix\agent\aix-rs6k\esmd |
| 6.0 | Red Hat Enterprise Linux ES 3.0 (x86) | ESM60RaceConditionFix\agent\lnx-x86\esmd |
| 6.0 | HP-UX (10.20, 11.0, 11i) (PA-RISC) | ESM60RaceConditionFix\agent\hpux-hppa\esmd |
| 6.5.x | Windows XP Professional SP2 (x86) | SM65RaceConditionFix\agent\wxp-ix86\esmagent.exe |
| 6.5.x | Windows Server 2003 Standard Edition SP1 (x86) | ESM65RaceConditionFix\agent\w3s-ix86\esmagent.exe |
| 6.5.x | Windows Server 2003 Enterprise Edition SP1 (x86) | ESM65RaceConditionFix\agent\w3s-ix86\esmagent.exe |
| 6.5.x | Windows Server 2003 (Itanium) | ESM65xRaceConditionFix\agent\w3s-ia64\esmagent.exe |
| 6.5.x | Windows 2000 (Professional, Server, Advanced Server) | ESM65RaceConditionFix\agent\w2k-ix86\esmagent.exe |
| 6.5.x | Solaris 2.9 (SPARC) | ESM65RaceConditionFix\agent\solaris-sparc\esmd |
| 6.5.x | Solaris 2.10 (SPARC) | ESM65RaceConditionFix\agent\solaris-sparc\esmd |
| 6.5.x | Solaris 2.10 (x86) | ESM65xRaceConditionFix\agent\solaris-x86\esmd |
| 6.5.x | AIX 5L 5.3 (64-bit) | ESM65xRaceConditionFix\agent\aix-ppc64\esmd |
| 6.5.x | AIX (5.1, 5.2) | ESM65xRaceConditionFix\agent\aix-rs6k\esmd |
| 6.5.x | Red Hat Enterprise Linux ES 3.0 (x86) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | Red Hat Linux AS 3.0 64-bit (Itanium) | ESM65xRaceConditionFix\agent\lnx-ia64\esmd |
| 6.5.x | Red Hat Enterprise Linux ES 4.0 Itanium | ESM65xRaceConditionFix\agent\lnx-ia64\esmd |
| 6.5.x | Red Hat Linux AS 3.0 64-bit (Opteron and Xeon) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | Red Hat Linux WS 3.0 64-bit (Opteron and Xeon) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | Red Hat Enterprise Linux 4 ES (x86) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | Red Hat Enterprise Linux 4 AS (Xeon and Opteron) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | Red Hat Enterprise Linux (ES 2.1) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | SUSE Linux Enterprise Server 9 (x86) | ESM65RaceConditionFix\agent\lnx-x86\esmd |
| 6.5.x | SUSE Linux Enterprise Server 9 (Itanium) | ESM65xRaceConditionFix\agent\lnx-ia64\esmd |
| 6.5.x | HP-UX (11.0, 11.11i) (PA-RISC) | ESM65xRaceConditionFix\agent\hpux-hppa\esmd |
| 6.5.x | HP-UX 11i v2 (Itanium) | ESM65xRaceConditionFix\agent\hpux-ia64\esmd |

| ESM version | ESM manager platform | ESM manager update file |
|---|---|---|
| 6.0 | Windows 2000 Professional SP1+ | ESM60RaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.0 | Windows 2000 Server SP1+ | ESM60RaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.0 | Windows 2000 Advanced Server SP1+ | ESM60RaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.0 | Windows Server 2003 | ESM60RaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.0 | Solaris 2.7 (SPARC) | ESM60RaceConditionFix\manager\solaris-sparc\esmd |
| 6.0 | Solaris 2.8 (SPARC) | ESM60RaceConditionFix\manager\solaris-sparc\esmd |
| 6.0 | Solaris 2.9 (SPARC) | ESM60RaceConditionFix\manager\solaris-sparc\esmd |
| 6.0 | HP-UX (10.20, 11.0, and 11.11) (PA-RISC) | ESM60RaceConditionFix\manager\hpux-hppa\esmd |
| 6.0 | AIX 4.3.1, 4.3.3 | ESM60RaceConditionFix\manager\aix-rs6k\esmd |
| 6.0 | AIX 5L 5.1 | ESM60RaceConditionFix\manager\aix-rs6k\esmd |
| 6.0 | AIX 5L 5.2 | ESM60RaceConditionFix\manager\aix-rs6k\esmd |
| 6.5.x | Windows 2000 Professional SP4+ | ESM65xRaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.5.x | Windows 2000 Server SP4+ | ESM65xRaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.5.x | Windows 2000 Advanced Server SP4+ | ESM65xRaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.5.x | Windows Server 2003 | ESM65xRaceConditionFix\manager\win-ix86\esmmanager.exe |
| 6.5.x | Solaris 2.7 (SPARC) | ESM65RaceConditionFix\manager\solaris-sparc\esmd |
| 6.5.x | Solaris 2.8 (SPARC) | ESM65RaceConditionFix\manager\solaris-sparc\esmd |
| 6.5.x | Solaris 2.9 (SPARC) | ESM65RaceConditionFix\manager\solaris-sparc\esmd |
| 6.5.x | HP-UX 11.0 (PA-RISC) | ESM65RaceConditionFix\manager\hpux-hppa\esmd |
| 6.5.x | HP-UX 11i v1 (11.11) (PA-RISC) | ESM65RaceConditionFix\manager\hpux-hppa\esmd |
| 6.5.x | HP-UX 11.23 (PA-RISC) | ESM65RaceConditionFix\manager\hpux-hppa\esmd |
| 6.5.x | AIX 5L 5.1 | ESM65RaceConditionFix\manager\aix-rs6k\esmd |
| 6.5.x | AIX 5L 5.2 | ESM65RaceConditionFix\manager\aix-rs6k\esmd |


Last modified on: Saturday, 31-Mar-07 00:43:21