Enterprise Security Manager security response policies
02/28/2002
Enterprise Security Manager (ESM) response policies are configured by members of the Symantec Security Response team to respond to recent security incidents and newly detected security vulnerabilities without waiting for scheduled module Security Update releases.
Response policy names are identified and sorted by "R-" prefixes in the Policies branch of the ESM Enterprise tree in the ESM Console.
The PHP File Upload response policy checks the file_uploads setting in the php.ini file to determine whether PHP file uploads are enabled. Symantec recommends as a best practice that this setting be disabled (file_uploads = off). This will prevent exploitation of this current vulnerability as well as exploits against as-yet-undiscovered vulnerabilities in this feature.
For more information on this vulnerability click here.
This policy should be run against ESM agents that are running Apache Web Server.
Download the PHP File Upload ESM Response Policy Installer
Note: This response policy requires that ESM 5.1 or ESM 5.5 with SU9 or later be installed on the ESM manager and agents that will use this policy.
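The check the policy performs can be reproduced by hand on a single host. The following is an added example, not Symantec's ESM policy code: the function names and sample php.ini contents are constructed for illustration, and it assumes PHP's built-in default, under which file uploads are enabled when the directive is absent or commented out.

```python
import re

# Spellings PHP accepts as boolean "on" in php.ini (case-insensitive).
TRUTHY = {"on", "yes", "true"}
# Directive names in php.ini are case-sensitive, so match the exact name.
DIRECTIVE = re.compile(r"^\s*file_uploads\s*=\s*(.*?)\s*$")


def file_uploads_enabled(ini_text, default=True):
    """Return True if the php.ini text leaves file_uploads enabled.

    default=True is an assumption reflecting PHP's built-in default:
    uploads are on when no active file_uploads line is present.
    """
    enabled = default
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0]            # drop ';' comments
        match = DIRECTIVE.match(line)
        if not match:
            continue
        value = match.group(1).strip("\"'").lower()
        if value.lstrip("-").isdigit():
            enabled = int(value) != 0          # numeric form: non-zero is on
        else:
            enabled = value in TRUTHY          # anything else counts as off
        # No break: a later assignment overrides an earlier one.
    return enabled


def audit(ini_text):
    """Report pass/fail against the recommended file_uploads = off."""
    if file_uploads_enabled(ini_text):
        return "FAIL: file_uploads is enabled; set file_uploads = off"
    return "PASS: file_uploads is disabled"


# Constructed sample php.ini fragments (not taken from a real host).
SAMPLES = {
    "explicit_off": "[PHP]\nfile_uploads = Off ; hardened\n",
    "explicit_on": "[PHP]\nfile_uploads = On\n",
    "commented_out": "[PHP]\n;file_uploads = Off\n",
    "overridden": "file_uploads = Off\nupload_tmp_dir = /tmp\nfile_uploads = 1\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name}: {audit(text)}")
```

The commented-out and overridden samples both fail: a line beginning with `;` sets nothing, and a later active assignment replaces an earlier one.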