10 matches found
EUVD-2020-26987
Malware in sbrugna...
Symantec Data Center Security Windows Agent < 6.9.1 DoS (SYMSA18255)
The version of Symantec Data Center Security Windows Agent installed on the remote host is prior to 6.9.1. It is, therefore, affected by a denial of service vulnerability due to an unhandled exception in a common driver. Note that Nessus has not tested for this issue but has instead relied only o...
Data Center Security Privilege Escalation
Summary Symantec has released an update to address an issue that was discovered in the Data Center Security Manager component. Affected Products Data Center Security Manager Component --- CVE | Affected Versions | Remediation CVE-2020-5832 | Prior to 6.8.2 aka 6.8 MP2 | Upgrade 6.8.2 aka 6.8 MP2...
Memory Corruption Vulnerability in Multiple Symantec and Norton Products (CNVD-2016-04437)
Symantec Advanced Threat Protection ATP, Symantec Embedded Security:Critical System Protection SES:CSP and Symantec Data Center Security: Server Advanced SDCS:SA are security products from Symantec Corporation. Advanced SDCS:SA are security products from Symantec, Inc. ATP is a suite of software...
Symantec Embedded Security: Critical System Protection and Symantec Data Center Security: Server Advanced Elevation of Privilege Vulnerabilities
Symantec Embedded Security:Critical System Protection SES:CSP and Symantec Data Center Security: Server Advanced SDCS:SA are both security products from Symantec Corporation. SES:CSP is a lightweight intrusion detection and prevention system client product; SDCS:SA provides security for physical...
Symantec Embedded Security:Critical System Protection and Symantec Data Center Security: Server Advanced Security Bypass Vulnerabilities
Symantec Embedded Security:Critical System Protection SES:CSP and Symantec Data Center Security: Server Advanced SDCS:SA are both security products from Symantec Corporation. SES:CSP is a lightweight intrusion detection and prevention system client product; SDCS:SA provides security for physical...
Symantec Data Center Security Server 'SSO-Error.jsp' XSS (SYM15-001)
The remote Symantec Data Center Security Server running on the remote host is affected by a reflected cross-site scripting vulnerability due to improper validation of input to the 'ErrorMsg' parameter in the '/webui/Khakidocs/SSO-Error.jsp' script. %NASLMINLEVEL 70300 C Tenable Network Security,...
Symantec Data Center Security Server SQLi (SYM15-001)
The remote Symantec Data Center Security Server running on the remote host is affected by a SQL injection vulnerability in the '/sis-ui/authenticate' script on the web console interface. A remote attacker, using a crafted HTTP request, can exploit this to execute SQL queries, allowing the...
Symantec Data Center Security - Multiple Vulnerabilities
Symantec Data Center Security: Server Advanced SDCS:SA and Symantec Critical System Protection SCSP suffer from cross site scripting, remote SQL injection, information disclosure, and policy bypass vulnerabilities. ======================================================================= title:...
Design/Logic Flaw
The Agent Control Interface in the management server in Symantec Critical System Protection SCSP 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary commands by leveraging client-system access to...