Exploit Available for Symantec End Point Protection
An exploit is now available at exploit-db.com for the Symantec End Point Protection privilege escalation vulnerability. Symantec released a patch for this issue earlier this week [1].
The vulnerability requires normal-user access to the affected system and can be used to escalate privileges to fully control the system (instead of being limited to a particular user) so this will make a great follow up exploit to a standard drive-by exploit that gains user privileges.
We have gotten some reports that users have problems installing the patch on legacy systems (e.g. Windows 2003). Applying the patch just fails in these cases and appears to have no ill effect on system stability.
[1] http://www.symantec.com/business/support/index?page=content&id=TECH223338
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 14th - Jul 19th 2025 |
Comments
Anonymous
Aug 6th 2014
1 decade ago
Anonymous
Aug 7th 2014
1 decade ago
This is not an issue with Symantec installer. This is happening because of outdated Verisign root and code signing certificates on Windows XP and Windows server 2003. You can follow below KB to get it resolved. It is tested OK.
http://www.symantec.com/business/support/index?page=content&id=TECH218029
Anonymous
Aug 7th 2014
1 decade ago
Refer to this knowledge base article and all will be well.
http://www.symantec.com/business/support/index?page=content&id=TECH218029
Anonymous
Aug 8th 2014
1 decade ago
http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html
Anonymous
Aug 8th 2014
1 decade ago