Symantec Protection for SharePoint Servers 6.0.3 - 6.0.5 < HF2.5 / 6.0.6 < HF2.6 / 6.0.7 < HF2.7 Multiple DoS (SYM16-015)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A security application installed on the remote host is affected by
multiple denial of service vulnerabilities.

Description :

The version of Symantec Protection for SharePoint Servers (SPSS)
installed on the remote host is 6.0.3 to 6.0.5 prior to hotfix 2.5,
6.0.6 prior to hotfix 2.6, or 6.0.7 prior to hotfix 2.7. It is,
therefore, affected by multiple denial of service vulnerabilities :

- A denial of service vulnerability exists in the
decomposer engine due to an out-of-bounds read error
that occurs when decompressing RAR archives. An
unauthenticated, remote attacker can exploit this, via a
specially crafted RAR file, to crash the application.
(CVE-2016-5309)

- A denial of service vulnerability exists in the
decomposer engine due to a memory corruption issue that
occurs when decompressing RAR archives. An
unauthenticated, remote attacker can exploit this, via a
specially crafted RAR file, to crash the application.
(CVE-2016-5310)

See also :

http://www.nessus.org/u?a4125a0d
https://support.symantec.com/en_US/article.INFO3795.html

Solution :

Apply the appropriate hotfix per the vendor advisory.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.9
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 93658

Bugtraq ID: 92866
92868

CVE ID: CVE-2016-5309
CVE-2016-5310
