|
Family: CGI abuses --> Category: infos
Symantec AntiVirus Scan Engine Multiple Remote Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks if Symantec Scan Engine is vulnerable
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to take control of the remote scan engine.
Description :
The remote host appears to be running Symantec Scan Engine.
This version of Scan Engine is vulnerable to multiple flaws which may
allow a remote attacker to take control of the scan engine. Following
flaws are present:
- Fixed https certificate key
- Configuration file retrieval (with administrator password hash)
- Possibility to change the administrator password
Solution :
Upgrade to Scan Engine 5.1.0.7 or later.
Threat Level:
Critical / CVSS Base Score : 10.0
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|