CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Metasploit Modules Related To Symantec

CVE-2004-363  Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in Norton AntiSpam 2004. When sending an overly long string to the LaunchCustomRuleWizard() method of symspam.dll (2004.1.0.147) an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2006-2630  Symantec Remote Management Buffer Overflow
This module exploits a stack buffer overflow in Symantec Client Security 3.0.x. This module has only been tested against Symantec Client Security 3.0.2 build 10.0.2.2000.
Module type : exploit Rank : good Platforms : Windows
CVE-2007-1689  Symantec Norton Internet Security 2004 ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in the ISAlertDataCOM ActiveX Control (ISLAert.dll) provided by Symantec Norton Internet Security 2004. By sending a overly long string to the "Get()" method, an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2007-6016  Symantec BackupExec Calendar Control Buffer Overflow
This module exploits a stack buffer overflow in Symantec BackupExec Calendar Control. By sending an overly long string to the "_DOWText0" property located in the pvcalendar.ocx control, an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2008-2286  Symantec Altiris DS SQL Injection
This module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injections are required in close succession, first to enable xp_cmdshell, then retrieve the payload via TFTP and finally execute it. The module also has the capability to disable or enable local application authentication. In order to work the target system must have a tftp client available.
Module type : exploit Rank : normal Platforms : Windows
CVE-2008-4388  Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute
This module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability is in the LaunchObj ActiveX control (launcher.dll 5.1.0.82) containing the "installAppMgr()" method. The insecure method can be exploited to download and execute arbitrary files in the context of the currently logged-on user.
Module type : exploit Rank : excellent Platforms : Windows
CVE-2009-1429  Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution
Symantec System Center Alert Management System is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input.
Module type : exploit Rank : excellent Platforms : Windows
CVE-2009-1430  Symantec Alert Management System Intel Alert Originator Service Buffer Overflow
This module exploits a stack buffer overflow in Intel Alert Originator Service msgsys.exe. When an attacker sends a specially crafted alert, arbitrary code may be executed.
Module type : exploit Rank : good Platforms : Windows
CVE-2009-3028  Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
This module allows remote attackers to install and execute arbitrary files on a users file system via AeXNSPkgDLLib.dll (6.0.0.1418). This module was tested against Symantec Altiris Deployment Solution 6.9 sp3.
Module type : exploit Rank : excellent Platforms : Windows
CVE-2009-3031  Symantec ConsoleUtilities ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in Symantecs ConsoleUtilities. By sending an overly long string to the "BrowseAndSaveFile()" method located in the AeXNSConsoleUtilities.dll (6.0.0.1846) Control, an attacker may be able to execute arbitrary code
Module type : exploit Rank : normal Platforms : Windows
CVE-2009-3033  Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in Symantec Altiris Deployment Solution. When sending an overly long string to RunCmd() method of AeXNSConsoleUtilities.dll (6.0.0.1426) an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2012-297  Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. This module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication.
Module type : exploit Rank : excellent Platforms : Unix
CVE-2012-297  Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
This module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note that it may take up to several minutes to retrieve access_log, which is about the amount of time required to see a shell back.
Module type : exploit Rank : excellent Platforms : PHP
CVE-2012-299  Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
This module exploits a file upload vulnerability found in Symantec Web Gateway's HTTP service. Due to the incorrect use of file extensions in the upload_file() function, attackers may to abuse the spywall/blocked_file.php file in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution.
Module type : exploit Rank : excellent Platforms : PHP
CVE-2012-2953  Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection
This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service. While handling the filename parameter, the Spywall API does not do any filtering before passing it to an exec() call in proxy_file(), thus results in remote code execution under the context of the web server. Please note authentication is NOT needed to gain access.
Module type : exploit Rank : excellent Platforms : Unix
CVE-2012-3579  Symantec Messaging Gateway 9.5 Default SSH Password Vulnerability
This module exploits a default misconfiguration flaw on Symantec Messaging Gateway. The 'support' user has a known default password, which can be used to login to the SSH service, and gain privileged access from remote.
Module type : exploit Rank : excellent Platforms : Unix
CVE-2012-4347  Symantec Messaging Gateway 9.5 Log File Download Vulnerability
This module will download a file of your choice against Symantec Messaging Gateway. This is possible by exploiting a directory traversal vulnerability when handling the 'logFile' parameter, which will load an arbitrary file as an attachment. Note that authentication is required in order to successfully download your file.
Module type : auxiliary Rank : normal
CVE-2013-5014  Symantec Endpoint Protection Manager /servlet/ConsoleServlet Remote Command Execution
This module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager versions 11.0, 12.0 and 12.1. When supplying a specially crafted XML external entity (XXE) request an attacker can reach SQL injection affected components. As xp_cmdshell is enabled in the included database instance, it's possible to execute arbitrary system commands on the target with SYSTEM privileges.
Module type : exploit Rank : excellent Platforms : Windows
CVE-2013-5015  Symantec Endpoint Protection Manager /servlet/ConsoleServlet Remote Command Execution
This module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager versions 11.0, 12.0 and 12.1. When supplying a specially crafted XML external entity (XXE) request an attacker can reach SQL injection affected components. As xp_cmdshell is enabled in the included database instance, it's possible to execute arbitrary system commands on the target with SYSTEM privileges.
Module type : exploit Rank : excellent Platforms : Windows
CVE-2014-1649  Symantec Workspace Streaming ManagementAgentServer.putFile XMLRPC Request Arbitrary File Upload
This module exploits a code execution flaw in Symantec Workspace Streaming. The vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order to achieve remote code execution. This module has been tested successfully on Symantec Workspace Streaming 6.1 SP8 and Windows 2003 SP2, and reported to affect 7.5.0.x. Abused services listen on a single-machine deployment and also in the backend role in a multiple-machine deployment.
Module type : exploit Rank : excellent Platforms : Java

Please note: Metasploit modules are only matched by CVE numbers. There may be other modules related to this product. Visit metasploit web site for more details
Total number of modules found = 25   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.