1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Symantec AntiVirus Library Heap Overflow

Discussion in 'All Other Software' started by eddie5659, Feb 9, 2005.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    37,025
    Hiya


    ISS has shipped protection for a flaw X-Force has discovered in Symantec AntiVirus Library. The Symantec AntiVirus Library is widely relied upon to provide antivirus capabilities to desktop, server, and gateway systems.
    Also, several large vendors and ISP's implement Symantec's AntiVirus Library in their products. By crafting a UPX file, an attacker is able to trigger a heap overflow within the process importing the Symantec AntiVirus Library.


    Affected Products:

    Symantec Norton Antivirus 2004 for Windows
    Symantec Norton Internet Security 2004 (pro) for Windows
    Symantec Norton System Works 2004 for Windows
    Symantec Norton Antivirus 2004 for Macintosh
    Symantec Norton Internet Security 2004 for Macintosh
    Symantec Norton System Works 2004 for Macintosh
    Symantec Norton Antivirus 9.0 for Macintosh
    Symantec Norton Internet Security for Macintosh 3.0
    Symantec Norton System Works for Macintosh 3.0
    Norton AntiVirus for Microsoft Exchange 2.1 prior to build 2.18.85
    Symantec Mail Security for Microsoft Exchange 4.0 prior to build 4.0.10.465
    Symantec Mail Security for Microsoft Exchange 4.5 prior to build 4.5.3
    Symantec AntiVirus/Filtering for Domino NT 3.1 prior to build 3.1.1
    Symantec Mail Security for Domino 4.0 prior to build 4.0.1
    Symantec AntiVirus/Filtering for Domino Ports 3.0
    (AIX) prior to build 3.0.6
    (OS400, Linux, Solaris) prior to build 3.0.7
    Symantec AntiVirus Scan Engine 4.3 prior to build 4.3.3
    Symantec AntiVirus for Network Attached Storage prior to build 4.3.3
    Symantec AntiVirus for Caching prior to build 4.3.3
    Symantec AntiVirus for SMTP 3.1 prior to build 3.1.7
    Symantec Mail Security for SMTP 4.0 prior to build 4.0.2
    Symantec Web Security 3.0 prior to build 3.0.1.70
    Symantec BrightMail AntiSpam 4.0
    Symantec BrightMail AntiSpam 5.5
    Symantec AntiVirus Corporate Edition 9.0 prior to build 9.01.1000
    Symantec AntiVirus Corporate Edition 8.01, 8.1.1
    Symantec Client Security 2.0 prior to build 9.01.1000
    Symantec Client Security 1.0, 1.0
    Symantec Gateway Security 2.0, 2.0.1 – 5400 Series
    Symantec Gateway Security 1.0 – 5300 Series


    http://xforce.iss.net/xforce/alerts/id/187

    I've also included Symantec's link:

    http://www.symantec.com/avcenter/security/Content/2005.02.08.html

    Regards

    eddie
     
  2. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    37,025
    this is from Bugtraq:

    This is from Slashdot and consistent with what Symantec phone support
    have told me:

    "If you're running Corporate Edition, you won't be getting the patch via LiveUpdate. You need to call their tech support line with your serial number or contact/contract number, and they'll give you the information (FTP site and password) for obtaining the 9.0 MR3 update for SAV Corporate Edition. This updates the software to version 9.0.3.1000" --SethB

    eddie
     
  3. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    37,025
    Unsticking this now, as its already in Security :)

    eddie
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/328630

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice