Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

SEP Vulnerability (SYM10-013)

Jump to Best Answer

Migration UserJan 04, 2011 03:10 PM

Regarding: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101215_00 ...

RafeeqJan 04, 2011 03:19 PMBest Answer

its only for the management server, SEPM is the one which uses PHP for reporting purposes, clients do ...

1. SEP Vulnerability (SYM10-013)

0 Recommend
Migration User
Posted Jan 04, 2011 03:10 PM

Reply Reply Privately
Regarding:

http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101215_00

Symantec Endpoint Protection(SEP) Manager reporting module allows a php file overwrite from an authorized client that could potentially allow execution of arbitrary code on the server-side.

The solution is to Upgrade to SEP 11 RU6 MP2.

This might be a stupid question but is the system protected if the SEP management server is upgraded or only if the management server and ALL client servers are upgraded? The reason I ask is that it's a relatively small change to upgrade the management server vs upgrading 600+ client servers as well.

Thanks.
2. RE: SEP Vulnerability (SYM10-013)
Best Answer

0 Recommend
Rafeeq
Posted Jan 04, 2011 03:19 PM

Reply Reply Privately
its only for the management server, SEPM is the one which uses PHP for reporting purposes, clients do not use any PHP...

Copyright 2019. All rights reserved.

Powered by Higher Logic