Vulnerabilities > CVE-2007-2896 - Denial of Service vulnerability in Symantec Enterprise Security Manager 6.5.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports. The vendor has released an update addressing this issue: Symantec Enterprise Security Manager 6.5.3 Symantec Mini Update Package.zip http://www.symantec.com/avcenter/security/ESM/esmPU/Mini Update Package.zip
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Application | 1 |
References
- http://osvdb.org/35077
- http://secunia.com/advisories/25390
- http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24a.html
- http://securityresponse.symantec.com/avcenter/security/Content/2007.05.24b.html
- http://www.securityfocus.com/bid/24123
- http://www.securitytracker.com/id?1018120
- http://www.vupen.com/english/advisories/2007/1940
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34507