Symantec data centre security software has security holes

Security bod Stefan Viehböck has detailed holes in Symantec's data centre security platforms that the company plugged this week because they allowed hackers to gain privilege access to management servers. The patches fix holes in the management server for Symantec Critical System Protection (SCSP) 5.2.9 and its predecessor …

  1. weevil

    I have implemented this product many times. The first thing you ALWAYS do is protect the management server first. It's irrelevant for the most part that the management server is vulnerable to SQL injection, because the policy you create prevents any SQL injection in the first place. Still, it's always good to keep it patched, but if it's implemented correctly this vulnerability will never open a hole.

    1. Anonymous Coward

      The operative phrase being: "if implemented properly." Something I've noticed is sadly lacking during last year's (years' actually) mega-breaches.

    2. Tom Samplonius

      "It's irrelevant for the most part that the management server is vulnerable to SQL injection, because the policy you create prevents any SQL injection in the first place"

      Keep thinking that, and you'll find yourself in a Sony type situation, where obtaining a single password is enough to take everything. Not take down everything, because copying everything is better. And you'll also suffer the embarrassment of having your own web servers running Torrent software to distribute your own files, because you stored your web server passwords on your file server.

      The SQL injection allows any logged in user to get access to the database. It is basically privilege escalation. And once you are in the database server, where can you go from there?

      1. weevil

        I'm not saying that the vulnerability isn't worth the print inches, but installing an agent on the management server, even with the *default* policy on it, will completely protect it from SQL injection attacks.
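The exchange above turns on what "a logged-in user can reach the database" actually means. The following is an added example, not code from the article, from any commenter, or from Symantec's product: it stands up a constructed in-memory table of management-server accounts and contrasts a lookup that splices user input into the SQL text with one that binds the input as a parameter. The table schema, the rows, and the function names are assumptions made for the illustration. The point for a defender is that the parameterised form returns nothing for a crafted value where the string-built form returns every account, which is the privilege-escalation path Tom describes; a host policy on the server may block what an attacker does next, but it does not change how the query was parsed.

```python
import sqlite3

# Constructed stand-in for a management server's account table; the schema
# and the three rows are assumptions made for this example.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "operator"), ("carol", "viewer")],
    )
    conn.commit()
    return conn

def lookup_vulnerable(conn, name):
    # Query text is assembled from the request: whatever the logged-in user
    # supplied is parsed as SQL, so a quote character changes the statement.
    sql = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()

def lookup_hardened(conn, name):
    # Parameterised query: the driver binds the value as data, so it can
    # only ever match (or fail to match) a name, never rewrite the WHERE clause.
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()

def demo():
    """Run both lookups against an honest value and a constructed crafted one."""
    conn = build_db()
    honest = "bob"
    crafted = "x' OR '1'='1"  # constructed input, not a real payload from the page
    return {
        "vuln_honest": lookup_vulnerable(conn, honest),
        "vuln_crafted": lookup_vulnerable(conn, crafted),
        "safe_honest": lookup_hardened(conn, honest),
        "safe_crafted": lookup_hardened(conn, crafted),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

The hardened version is the one a code review on the management server should expect to see; a host-protection policy is the compensating control for when that review was missed, not a replacement for it.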

  2. JCitizen

    Ach! Geeze! Symantec!!!

    We always advised against that company at everyplace I ever worked. Fortunately our CIO always listened.
