Beth Bryant
BBWrites Strategic Communications
(508) 786-3013
Boston - April 25, 2006 - Numerous flaws found in Symantec Scan Engine pose the risk of unauthorized access to critical data and malicious attacks, reports Rapid7 LLC in three security advisories issued Friday, April 21, 2006 (see www.rapid7.com/advisories/rapid7-advisories.html). Both Symantec Scan Engine v5.0.0.24 and Symantec AntiVirus Scan Engine v.4.3.0 are affected.
Attacks can be carried out through vulnerabilities in the way Symantec Scan Engine handles authentication, server communications, and access to the installation directory. The flaws reported are as follows:
- A design error in the authentication model used by the administrative interface. The Rapid7 advisory states that it "Allows any remote user to gain full administrative access to the server."
- Use of the same private DSA key by every installation of Symantec Scan Engine. The key cannot be changed by end-users and can be extracted easily from any installation of the product, rendering SSL protection useless since the private key is known universally. The Rapid7 advisory states, "A man-in-the-middle attacker could easily intercept and decrypt all communications between Symantec Scan Engine and an administrative client."
- A vulnerability that allows unauthenticated remote users to download any file located in the Symantec Scan Engine installation directory, which includes current virus definitions. The Rapid7 advisory states, "Knowledge of installed virus definitions will allow an attacker to determine what viruses can be used to infect the network without detection."
According to Rapid7's advisories, Symantec was notified and has released an upgrade to Symantec Scan Engine v5.1.0.7 or later.
Rapid7 confirms that this new version corrects these flaws and advises customers to download it immediately.
Symantec provides information and access to the upgrade at securityresponse.symantec.com/avcenter/security/Content/2006.04.21.html.
To protect its customers, Rapid7 has added data on these flaws to vulnerability checks performed by NeXpose, its enterprise vulnerability management solution.
Rapid7's award-winning NeXpose Unified Vulnerability Management (UVM) product is an all-in-one security solution that scans Web servers, Web applications, databases and networks to locate threats, assess their risk to the environment and devise a remediation plan. NeXpose incorporates an expert system to build a knowledge base of facts on the environment it explores and model potential targeted attacks to expose all existing threats. NeXpose provides robust reporting capabilities that ensure compliance with governmental regulations, corporate security configuration policies, and the PCI Data Security Standard. NeXpose is available as an appliance, downloadable software or an On-Demand hosted solution.
Rapid7 is the leading provider of Unified Vulnerability Management (UVM) solutions. NeXpose provides network, database and web application vulnerability management for enterprise deployments and small to medium businesses. Rapid7 was founded in 2000 by a team of software industry veterans who were major contributors to product development and subsequent growth and success at Percussion Software, Bond Technologies and Stride & Associates. Since its introduction, NeXpose has been sold to corporate enterprises, Global 2000 companies, and government entities, and serves the full range of vertical markets across the U.S. and abroad. In addition, Rapid7 provides compliance products and services for PCI, HIPAA and Sarbanes-Oxley. Rapid7 is headquartered in Boston, MA, with offices in California and the United Kingdom.