Symantec ESM 6.5 Network Assessment Security Updates

November 11, 2005
Symantec ESM 6.5 Network Assessment Security Updates

File(s)

Download the cumulative Symantec ESM Network Assessment Release Notes (PDF)

Description

This update for Symantec ESM Network Assessment detects and reports 45 additional vulnerabilities.

As of this release, security exposures have been added to the Network Assessment module. There is a new Network Assessment template entitled, exposure.net that can be enabled to check for security exposures.

Use the LiveUpdate feature of Symantec ESM Network Assessment to download this security update.

Additional vulnerabilities

Bugtraq ID	Vulnerability name
2216		Apache Web Server DoS Vulnerability
2300		NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability
3009		Apache Possible Directory Index Disclosure Vulnerability
3169		Apache Server Address Disclosure Vulnerability
3176		Apache Mod ReWrite Rules Bypassing Image Linking Vulnerability
3521		Apache mod_usertrack Predictable ID Generation Vulnerability
3790		Apache Non-Existent Log Directory Denial Of Service Vulnerability
3796		Apache HTTP Request Unexpected Behavior Vulnerability
4056		Apache 2 for Windows php.exe Path Disclosure Vulnerability
4057		Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability
4358		Apache Double-Reverse Lookup Log Entry Spoofing Vulnerability
4431		Apache PrintEnv/Test_CGI Script Injection Vulnerability
4437		Apache Error Message Cross-Site Scripting Vulnerability
5992		Apache HTDigest Insecure Temporary File Vulnerability
6117		Apache mod_php File Descriptor Leakage Vulnerability
6320		Apache/Tomcat Mod_JK Chunked Encoding Denial Of Service Vulnerability
8707		Apache htpasswd Password Entropy Weakness
8725		Apache2 MOD_CGI STDERR Denial Of Service Vulnerability
9302		Apache mod_php Module File Descriptor Leakage Vulnerability
9471		Apache mod_perl Module File Descriptor Leakage Vulnerability
9571		Apache mod_digest Client-Supplied Nonce Verification Vulnerability
9599		Apache mod_php Global Variables Information Disclosure Weakness
9804		Multiple Vendor HTTP Response Splitting Vulnerability
9874		Apache HTAccess LIMIT Directive Bypass Configuration Error Weakness
9921		Apache Connection Blocking Denial Of Service Vulnerability
10212		Apache mod_auth Malformed Password Potential Memory Corruption Vulnerability
10355		Apache Mod_SSL SSL_Util_UUEncode_Binary Stack Buffer Overflow Vulnerability
10789		Apache mod_userdir Module Information Disclosure Vulnerability
11154		Apache mod_ssl Remote Denial of Service Vulnerability
11185		Apache Mod_DAV LOCK Denial Of Service Vulnerability
11239		Apache Satisfy Directive Access Control Bypass Vulnerability
11360		Apache mod_ssl SSLCipherSuite Restriction Bypass Vulnerability
11471		Apache mod_include Local Buffer Overflow Vulnerability
12308		Apache Utilities Insecure Temporary File Creation Vulnerability
12834		Microsoft Windows Graphical Device Interface Library Denial Of Service Vulnerability
12877		Apache mod_ssl ssl_io_filter_cleanup Remote Denial Of Service Vulnerability
13537		Apache HTDigest Realm Command Line Argument Buffer Overflow Vulnerability
13777		Apache HTPasswd User Command Line Argument Buffer Overflow Vulnerability
13778		Apache HTPasswd Password Command Line Argument Buffer Overflow Vulnerability
13873		Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities
14366		Apache mod_ssl CRL Handling Off-By-One Buffer Overflow Vulnerability
14620		PCRE Regular Expression Heap Overflow Vulnerability
14660		Apache CGI Byterange Request Denial of Service Vulnerability
15352		Microsoft Windows Graphics Rendering Engine WMF/EMF Format Code Execution Vulnerability
15356		Microsoft Windows Graphics Rendering Engine WMF Format Code Execution Vulnerability

Initial Post on: Friday, 11-Nov-05 11:10:00
Last modified on: Friday, 11-Nov-05 19:27:31