Since Symantec did notĭisallow declared DTD processing, it is vulnerable to the XXE injection. The Java DocumentBuilder class is used to parse the xml. When a body is encountered that uses a Content-Type of text/xml, The servlet will use a custom MultipartParser class to handle the individual That can be triggered in the ConsoleServlet. So basically what you are looking for with the XXE injection is a vulnerability With the default embedded database, thereby making this a pretty reliable exploit. I suspect the majority of SEPM users will have it configured Injection to force SEPM to exploit itself through a separate SQL injection flaw was Tested On: Windows Server 2003, default SEPM install using embedded databaseįirst off, this was a fantastic discovery by Stefan Viehbock.
Exploit Title: Symantec Endpoint Protection Manager Remote Command ExecutionĮxploit Author: Chris Graham CVE-2013-5014, CVE-2013-5015
0 kommentar(er)
