This host is installed with Symantec Endpoint Protection Manager and is prone to multiple vulnerabilities.

Successful exploitation will allow attackers to gain access to arbitrary files, write to or overwrite arbitrary files and execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. Impact Level: Application

Upgrade to Symantec Endpoint Protection Manager 12.1 RU5 or later. For updates refer http://www.symantec.com

Multiple flaws are due to, - The /console/Highlander_docs/SSO-Error.jsp script does not validate input to the 'ErrorMsg' parameter before returning it to users. - ConsoleServlet does not properly sanitize user input supplied via the 'ActionType' parameter. - Incorrectly configured XML parser accepting XML external entities from an untrusted source. - The /portal/Loading.jsp script does not validate input to the 'uri' parameter before returning it to users.

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5.

Send a crafted request via HTTP GET and check whether it is able to read cookie or not.

• http://osvdb.org/114274
• http://osvdb.org/114275
• http://osvdb.org/114276
• http://osvdb.org/114277
• http://www.securitytracker.com/id/1031176

---

Updated on 2015-03-25