Symantec Endpoint Protection Client < 22.8.0.50 Elevation of Privilege (SYM16-021)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A security application installed on the remote host is affected by an
elevation of privilege vulnerability.

Description :

The version of Symantec Endpoint Protection (SEP) Client installed on
the remote Windows host is prior to 22.8.0.50. It is, therefore,
affected by an elevation of privilege vulnerability due to improper
path restrictions when loading DLL files. A local attacker can exploit
this, by placing a specially crafted DLL file in the installation path
or DLL search path, to inject and execute arbitrary code.

See also :

http://www.nessus.org/u?4c0802a8

Solution :

Upgrade to Symantec Endpoint Protection (SEP) version 22.8.0.50 or
later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 96045 ()

Bugtraq ID: 94295

CVE ID: CVE-2016-5311

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now