Vulnerabilities > CVE-2017-6331 - Unspecified vulnerability in Symantec Endpoint Protection
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
HIGH Summary
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
Vulnerable Configurations
Exploit-Db
description | Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass. CVE-2017-6331. Local exploit for Windows platform |
file | exploits/windows/local/43134.c |
id | EDB-ID:43134 |
last seen | 2017-11-13 |
modified | 2017-11-10 |
platform | windows |
port | |
published | 2017-11-10 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/43134/ |
title | Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass |
type | local |
Nessus
NASL family | Windows |
NASL id | SYMANTEC_ENDPOINT_PROT_CLIENT_SYM17-011.NASL |
description | The version of Symantec Endpoint Protection (SEP) Client installed on the remote host is 12.1.x prior to 12.1 RU6 MP9 or 14.0.x prior to 14.0 RU1. It is, therefore, affected by a multiple vulnerabilities as referenced in the advisory. Note that Nessus has not tested for this issue but has instead relied only on the application |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 104459 |
published | 2017-11-08 |
reporter | This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/104459 |
title | Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP9 / 14.0.x < 14.0 RU1 Multiple Vulnerabilities (SYM17-011) |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/144950/CVE-2017-6331-SYMANTEC-ENDPOINT-PROTECTION-TAMPER-PROTECTION-BYPASS.txt |
id | PACKETSTORM:144950 |
last seen | 2017-11-14 |
published | 2017-11-12 |
reporter | hyp3rlinx |
source | https://packetstormsecurity.com/files/144950/Symantec-Endpoint-Protection-12.1.6-Tamper-Protection-Bypass.html |
title | Symantec Endpoint Protection 12.1.6 Tamper Protection Bypass |
References
- http://www.securityfocus.com/bid/101502
- http://www.securityfocus.com/bid/101502
- http://www.securitytracker.com/id/1039775
- http://www.securitytracker.com/id/1039775
- https://www.exploit-db.com/exploits/43134/
- https://www.exploit-db.com/exploits/43134/
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00