TITLE:
Symantec Security Information Manager Authentication Bypass

SECUNIA ADVISORY ID:
SA20647

VERIFY ADVISORY:
http://secunia.com/advisories/20647/

CRITICAL:
Less critical

IMPACT:
Security Bypass

WHERE:
Local system

OPERATING SYSTEM:
Symantec Security Information Manager 4.x
http://secunia.com/product/10472/

DESCRIPTION:
A vulnerability has been reported in Symantec Security Information Manager, which can be exploited by malicious, local users to bypass certain security restrictions.

The vulnerability is caused by an input validation error in the M4 Macro Library when transforming raw rule definitions into Java code that can be executed by the rule engine. This can be exploited via specially crafted rules to obtain shell access with privileges of the "sesuser" user during M4 transformation.

The vulnerability has been reported in version 4.0.2.

SOLUTION:
Update to version 4.0.2.29 HOTFIX 1.
http://www.symantec.com/techsupp/enterprise

PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.

ORIGINAL ADVISORY:
http://securityresponse.symantec.com/avcenter/security/Content/2006.06.13b.html
