Author Topic: Big hole in Symantec Anti-Virus Software  (Read 3058 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Big hole in Symantec Anti-Virus Software
« on: May 27, 2006, 12:54:35 PM »
Hi malware fighters,

A big flaw has been discovered in Symantec AV Software:
http://eeye.com/html/research/upcoming/20060524.html

Finding exploitable leaks inside security software is bad as it is, but finding problems of a general nature like stack-based buffer overflows means that there are systematic problems. Secure coding is expensive for small developers, but a multi-million company like Symantec could afford to do so.

If the vulnerability is exploitable by a worm, this could mean there would be a gigantic spread, because Symantec runs on many a machine, but it was stated that Norton Internet Security 2006, as used by many consumers, is not vulnerable.

But recently a flaw in the scanning engine was also patched: Symantec Scan Engine Web Interface Unauthorized Access Vulnerability. By exploiting a proprietary XML command language, a remote unauthorized attacker could access the Scan Engine's administrative interface, allowing them to do anything a local user could do. Symantec has released an update, available here:
http://securityresponse.symantec.com/avcenter/security/Content/2006.04.21.html

polonus

« Last Edit: May 27, 2006, 01:03:37 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

cyfer

  • Guest