This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The endpoint management application installed on the remote Windows
host has multiple vulnerabilities.
The version of Symantec Endpoint Protection Manager installed on the
remote host is less than 12.1 RU1 MP1 (12.1.1101) and has the
following vulnerabilities :
- An arbitrary file deletion issue exists via directory
traversal attacks. (CVE-2012-0294)
- A file inclusion vulnerability exists that could result
in arbitrary code execution as SYSTEM. (CVE-2012-0295)
See also :
Upgrade to Symantec Endpoint Protection 12.1 RU1 MP1 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true