Help - Search - Members - Calendar
Full Version: Symantec Vulnerability Found
BleepingComputer.com > Security > Breaking Virus & Security News
   
TeMerc
May 25 2006, 07:01 PM
QUOTE
eEye Digital Security is reporting that they have uncovered a major vulnerability in Symantec's AV product. Basically it will allow a remote hacker to compromise any machine that is running Norton Anti-Virus. This is a big oops. Symantec will have to scramble to get an update pushed out to all of their customers. I would imagine they can do this before an exploit is developed that allows wide spread use of the vulnerability or a worm to spread.

This revelation coincides with Symantec's press release announcing their 200 millionth customer. Not a happy coincidense.


Threat Chaos Blog

Mod Edit: Topic moved to more appropriate forum ~ Animal
TeMerc
May 26 2006, 02:19 PM
SYM06-010
May 25, 2006
Symantec Client Security and Symantec AntiVirus Elevation of Privilege
Revision History
May 26, 2006 - Updated Products Affected section and other details

Impact
High
Remote
Yes
Local
Yes
Authentication Required
No
Exploit publicly available
No


Overview
A stack overflow in Symantec Client Security and Symantec AntiVirus Corporate Edition could potentially allow a remote or local attacker to execute code on the affected machine.

Products Affected
Product Version Build Solution
Symantec Client Security 3.1 All Pending
Symantec Antivirus Corporate Edition 10.1 All Pending


Products Not Affected
Norton Product line No products in the Norton product line are affected
Details
Symantec was notified that Symantec Client Security and Symantec AntiVirus Corporate Edition are susceptible to a potential stack overflow. Exploiting this overflow successfully could potentially cause a system crash, or allow a remote or local attacker to execute arbitrary code with System level rights on the affected system.

Symantec Response
This advisory will be updated when product updates to address this issue are available.

Upgrade Information
Symantec engineers have verified that this vulnerability exists in the product versions listed above. We are continuing to evaluate other versions of our software. This advisory will be updated when additional information is available.

Symantec Advidsory

Source: SANS
Elendil
May 27 2006, 10:02 AM
One of the reasons why I'm not using Norton anymore! thumbup2.gif
tekman22003
May 27 2006, 10:06 AM
I stopped using Symantec years ago. PC Cillian is the best as far as I am concerned.
Elendil
May 27 2006, 11:28 AM
My post is supposed to say Symantec and Norton.... just realized that now.
TeMerc
May 27 2006, 03:31 PM
Handler's Diary May 27th 2006

Symantec Patch Posted (NEW)
Published: 2006-05-27,
Last Updated: 2006-05-27 20:01:00 UTC by Deborah Hale (Version: 1)

QUOTE
Symantec has just posted patches for the Security Advisory SYM06-010. It appears at this time that the patches are manual download and install. We don't know at this point if a product live update will be posted for these patches but for the meantime it is there for manual load.

So for those of you enjoying the long weekend, look at what you get to look forward to on Tuesday. If you are running Symantec Corporate Edition 10.1 you get to spend Tuesday patching.


Symantec Patch

SANS
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.