VID |
22448 |
Severity |
30 |
Port |
8002 |
Protocol |
TCP |
Class |
WWW |
Detailed Description |
The Web server is running a version of Symantec Web Security software that is affected by multiple vulnerabilities. Symantec Web Security is a product designed to protect HTTP/FTP traffic using antivirus and content filtering technologies. Symantec Web Security (SWS) versions prior to 3.0.1.85 are vulnerable to denial of service and cross-site scripting attacks. A remote attacker could exploit these vulnerabilities to steal the victim's cookie-based authentication credentials and to slow the affected system, resulting in a denial of service.
* Note: If this check solely relied on the banner of the remote HTTP server to assess this vulnerability, then this might be a false positive.
* References:
  http://securityresponse.symantec.com/avcenter/security/Content/2007.01.24c.html
  http://www.frsirt.com/english/advisories/2007/0330
  http://securitytracker.com/alerts/2007/Jan/1017558.html
  http://secunia.com/advisories/23896
* Platforms Affected: Symantec Web Security versions prior to 3.0.1.85; Microsoft Windows Any version; Sun Solaris 8, 9, 10 SPARC |
Recommendation |
Upgrade to the latest version of Symantec Web Security (SWS) (3.0.1.85 or later), as listed in the Symantec Security Bulletin SYM04-002 at http://securityresponse.symantec.com/avcenter/security/Content/2007.01.24c.html |
Related URL |
CVE-2007-0563,CVE-2007-0564 (CVE) |
Related URL |
22184 (SecurityFocus) |
Related URL |
31750,31752 (ISS) |