BleepingComputer.com: Symantec Firewall Vulnerabilities - CRITICAL UPDAT

Symantec Firewall Vulnerabilities - CRITICAL UPDATE

Please update ASAP as this one has worm potential.

Symantec Firewall Vulnerabilities - CRITICAL UPDATE
http://secunia.com/advisories/11066/
http://www.theinquirer.net/?article=15886


SYM04-008 - Symantec Client Firewall Remote Access and Denial of Service Issues
http://securityresponse.symantec.com/avcen...2004.05.12.html

Overview: A Secunia security bulletin warns of a number of "extremely critical" holes in Symantec firewalls which could lead to denial of service attacks and system access. eEye Digital Security notified Symantec Corporation of four vulnerability issues they discovered in the Symantec Client Firewall products for Windows. By properly exploiting these issues, an attacker could render the targeted system inoperable or execute remote code with kernel-level privileges on the targeted system.

Affected Components - Consumer Versions:
Symantec Norton Internet Security and Professional 2002, 2003, 2004
Symantec Norton Personal Firewall 2002, 2003, 2004
Symantec Norton AntiSpam 2004

Affected Components Corporate Versions:
Symantec Client Firewall 5.01, 5.1.1
Symantec Client Security 1.0, 1.1, 2.0(SCF 7.1)

Please update and if you have family or friends using these products, please encourage them to Live Update ASAP as the bad guys are hard at work.

Exploit code for Symantec Multiple Firewall DNS Response DOS Released
http://www.incidents.org/diary.php?date=2004-05-15

Code exploiting the recently published vulnerability (http://www.eeye.com/html/Research/Advisories/AD20040512B.html ) in some of Symantec's security products (Norton Internet Security, Norton Personal Firewall, and Norton Anti-Spam) has been posted on Bugtraq. This vulnerability does not provide a remote shell, but is a Denial-of-Service attack.

Again, if you run these products, please update them using Live Update. We predict that it's only a matter of time before we see a "Witty"-like worm in the wild.