The Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs. The goal of this attack is to use an affected application to gain unauthorized access to the file system.
Note: only Deployment Solution (DS), Software Management Framework (SMF) and Patch components are applicable to this vulnerability.
This issue was validated by the product team engineers. Symantec Management Console updates which addresses the aforementioned issue: ITMS 8.1 RU4 - available. ref DOC10690
ITMS 8.0 post-HF6 - Released Fixes for PATCH component: see Patch 8.0 Cumulative HF6 v5 -- INFO4241 Fixes for SMF component: see SMF 8.0 Cumulative HF6 v2 -- INFO4241 Fixes for DS component: see SMF 8.0 Cumulative HF6 v5 -- INFO4241
ITMS 7.6 post-HF7 - Released Fixes for PATCH component: see Patch 7.6 Cumulative HF7 v6 -- INFO3457 Fixes for SMF component: see SMA_SMF_SMP_7.6_POST_HF7_P2P 7.6 Cumulative HF7 v14 -- INFO3459 Fixes for DS component: see DS 7.6 Cumulative HF7 v9 -- INFO3459
Symantec recommends the following measures to reduce risk of attack:
Restrict access to administrative or management systems to authorized privileged users. Restrict remote access to trusted/authorized systems only. Run under the principle of least privilege, where possible, to limit the impact of potential exploit. Keep all operating systems and applications current with vendor patches. Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection to both inbound and outbound threats. Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe