Symantec Client Security and Symantec Anti Virus Elevation of Privilege

Symantec Client Security and Symantec Anti Virus Elevation of Privilege

Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Symantec Client Security and Symantec Anti Virus Elevation of Privilege David H. Lipman 06-13-2006
Posted by David H. Lipman on June 13, 2006, 5:25 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
FYI

-----BEGIN PGP SIGNED MESSAGE-----


__________________________________________________________

The U.S. Department of Energy
Computer Incident Advisory Capability
___ __ __ _ ___
/ | /_\ /
\___ __|__ / \ \___
__________________________________________________________

INFORMATION BULLETIN

Symantec Client Security and Symantec AntiVirus Elevation of Privilege
[SYM06-010]

June 13, 2006 17:00 GMT Number Q-218
______________________________________________________________________________
PROBLEM: Symantec Client Security and Symantec AntiVirus Corporate
Edition are susceptible to a potential stack overflow.
PLATFORM: Products Affected
Symantec Client Security 3.1
3.1.0.394
3.1.0.400
Symantec Client Security 3.0
3.0.2.2000
3.0.2.2001
3.0.2.2010
3.0.2.2020
3.0.1.1007
3.0.1.1000
Symantec Antivirus Corporate Edition 10.1
10.1.0.394
10.1.0.400
10.1.0.394 64 bit
10.0.2.2000
10.0.2.2001
10.0.2.2010
10.0.2.2020
10.0.1.1007
10.0.1.1000
Note: All builds listed above are English versions only.
Information on localized product builds can be found in the
Upgrade Information section below.
DAMAGE: Could potentially cause a system crash, or allow a remote or
local attacker to execute arbitrary code with System level
rights on the affected system.
SOLUTION: Upgrade to the appropriate version.
______________________________________________________________________________
VULNERABILITY The risk is HIGH. Could potentially cause a system crash, or
ASSESSMENT: allow a remote or local attacker to execute arbitrary code with
System level rights on the affected system.
______________________________________________________________________________
LINKS:
CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/q-218.shtml
ORIGINAL BULLETIN: Symantec SYM06-010

http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
CVE: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=
CVE-2006-2630
______________________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 4.0 Business Edition

iQCVAwUBRI77prnzJzdsy3QZAQGbWwP/ez02sYkI8rwHPRng6k5+HVP528+PfLbK
Qeo8t/uCdfeYHwyzcS534bFfMOtyXyOsTBxNDXF2zKYe2fKmoORAFDEhL94pq9fR
4Ff5rkFB2HkH4KEgFfNTdmwudcOrnkTupwqSKhPmZAlMaRdESpPxdf8hTuOO7XzJ
C7ko10qwRJA=
=4Jds
-----END PGP SIGNATURE-----


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by Leythos on June 13, 2006, 5:32 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
David, the information is more than a month old on the Symantec site.

Does your post indicate that there is something new involved?


Posted by David H. Lipman on June 13, 2006, 5:58 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| David, the information is more than a month old on the Symantec site.

| Does your post indicate that there is something new involved?


Nope. But it does itemize the versions.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by optikl on June 13, 2006, 9:20 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
David H. Lipman wrote:
-218
> ______________________________________________________________________________
> PROBLEM: Symantec Client Security and Symantec AntiVirus Corporate
> Edition are susceptible to a potential stack overflow.
> PLATFORM: Products Affected
> Symantec Client Security 3.1
> 3.1.0.394
> 3.1.0.400
> Symantec Client Security 3.0
> 3.0.2.2000
> 3.0.2.2001
> 3.0.2.2010
> 3.0.2.2020
> 3.0.1.1007
> 3.0.1.1000
> Symantec Antivirus Corporate Edition 10.1
> 10.1.0.394
> 10.1.0.400
> 10.1.0.394 64 bit
> 10.0.2.2000
> 10.0.2.2001
> 10.0.2.2010
> 10.0.2.2020
> 10.0.1.1007
> 10.0.1.1000
Dave, there are patches released, since May 27, that fix the problem.
For example, I was running 10.1.0.400. That has been "patched" and now
I'm running 10.1.0.401, which is not vulnerable. There are patches for
the other products listed, as well.

Posted by David H. Lipman on June 13, 2006, 10:00 pm
If you were  Registered and logged in, you could reply and use other advanced thread options


| Dave, there are patches released, since May 27, that fix the problem.
| For example, I was running 10.1.0.400. That has been "patched" and now
| I'm running 10.1.0.401, which is not vulnerable. There are patches for
| the other products listed, as well.

Right !

And hopefully those who wre not cognizant of what needs to be patched will read
this thread
and take the appropriate action.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Similar ThreadsPosted
symantec June 14, 2008, 3:19 am
Symantec Liveupdate September 26, 2007, 4:44 pm
There were no new updates available for any of your Symantec products. July 15, 2005, 8:12 am
Re: question about Symantec Antivirus 10 January 26, 2006, 12:41 am
Symantec Corporate trial January 27, 2006, 8:30 am
question about Symantec Antivirus 10 January 16, 2006, 11:37 am
Symantec AntiVirus Corp X problems October 11, 2005, 4:58 pm
Sony Rootkit now detected by Symantec November 9, 2005, 11:51 am
Winfixer -- Need help from Microsoft, McAfee, or Symantec November 26, 2005, 11:28 am
Symantec Corporate AV and SQL Server Performance January 7, 2006, 1:43 pm

The site map in XML format XML site map

Contact Us | Privacy Policy