Vulnerability scanners report that the Symantec Endpoint Protection Manager (SEPM) is vulnerable to denial of service exploits CVE-2007-6750, and CVE-2009-5111.
This problem is fixed in Symantec Endpoint Protection 12.1 Release Update 4 (SEP 12.1.4). To obtain the latest version of SEP, see Download the latest version of Symantec Endpoint Protection.
If you cannot upgrade, work around the problem by implementing mod_reqtimeout.so in the SEPM Apache server. This workaround only applies to 12.1.2 or newer managers. There is no workaround available for pre-12.1.2 managers.
Warning: If you implement the workaround, you must re-apply the workaround after migrating to 220.127.116.11 or 12.1.3. You will not need to reapply the workaround after migrating to 12.1.4 or later.
Note: Symantec does not provide Antivirus (AV), SONAR or Intrusion Prevention System (IPS) signatures specifically to protect against CVE-2007-6750, or CVE-2009-5111.