Vulnerability CVE-2010-0114 - CERT Civis.Net

Vulnerability Name:

CVE-2010-0114 (CCN-64118)

Assigned:

2009-12-31

Published:

2010-12-15

Updated:

2018-10-30

Summary:

fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2010-0114

Source: CCN
Type: SA42643
Symantec Endpoint Protection Manager fw_charts.php Code Execution Vulnerability

Source: SECUNIA
Type: Vendor Advisory
42643

Source: CCN
Type: SECTRACK ID: 1024900
Symantec Endpoint Protection Validation Flaw in 'fw_charts.php' Lets Remote Users Overwrite Files and Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1024900

Source: CCN
Type: OSVDB ID: 69975
Symantec Endpoint Protection Manager Reporting Module fw_charts.php Remote Code Execution

Source: BID
Type: UNKNOWN
45372

Source: CCN
Type: BID-45372
Symantec Endpoint Protection Reporting Module 'fw_charts.php' Remote Code Execution Vulnerability

Source: CCN
Type: SYM10-013
Security Advisories Relating to Symantec Products - Symantec Endpoint Protection File Overwrite

Source: CONFIRM
Type: UNKNOWN
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101215_00

Source: VUPEN
Type: Vendor Advisory
ADV-2010-3252

Source: MISC
Type: UNKNOWN
http://www.zerodayinitiative.com/advisories/ZDI-10-291/

Source: XF
Type: UNKNOWN
symantec-endpoint-fwcharts-code-execution(64118)

Source: XF
Type: UNKNOWN
symantec-endpoint-fwcharts-code-execution(64118)

Source: CCN
Type: ZDI-10-291
Symantec Endpoint Protection Manager Reporting Server fw_charts.php Remote Code Execution Vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*

OR cpe:/a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:symantec:endpoint_protection:11.0::~~~mac_os_x~~:*:*:*:*:*

Denotes that component is vulnerable