Zero-day flaws found in Symantec's Endpoint Protection

  • 30 July 2014


Offensive Security said the flaws could be used to gain full system access

By Jeremy Kirk, July 30, 2014

Symantec's Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.
The three flaws, all known as privilege escalation vulnerabilities, were found during a security test of a financial services company, said Mati Aharoni, lead trainer and developer for Offensive Security, in a phone interview late Tuesday.
Offensive Security, famous for its Kali Linux penetration testing software, released a short video on Tuesday demonstrating a successful exploit. It plans to preview proof-of-concept code during its "Advanced Windows Exploitation" training class at the Black Hat security conference in Las Vegas next month.
 
Full Article

3 replies


Soak those connections, download those patches

By Richard Chirgwin, 7 Aug 2014
 
Get patching, sysadmins, there's a zero-day in Symantec Endpoint Protection (SEP).
This US-CERT advisory is alerting anyone who ignored Symantec's note about the issue.
CVE-2014-3434 is a local access vulnerability with a public exploit. A client buffer overflow can cause a blue-screen-of-death on the client, which could also expose the client to unauthorised local privilege escalation.
It affects all builds of SEP client 12.1 and 11.0, and all builds of SEP 12.0 Small Business Edition. Unaffected products are SEP Manager, SEP Endpoint Protection 12.1 Small Business Edition, SEP cloud and Symantec Network Access Control.
 
Full Article
Userlevel 7
The secret word for Symantec's is patch....patch...and patch...but they know this don't they????? (Sarcastic )
Userlevel 7
Ah......  the advantage of the cloud  WSA all the way!
