Symantec Antivirus Scan Engine: Web Service Administrative Interface Buffer Overflow

iDEFENSE Labs has notified Symantec about a remotely exploitable buffer overflow vulnerability in the Symantec AntiVirus Scan Engine that can allow remote attackers to execute arbitrary code. The iDEFENSE Advisory says "A remote attacker can send a specially crafted HTTP request to the administrative Scan Engine Web Wervice on port 8004 to crash the service or execute arbitrary code."

Patch today folks.

Symantec's Advisory, (with patch and mitigation information) states the "Risk Impact" is High. Affected versions listed are;

Product

Version

Build

Solution

Symantec AntiVirus Scan Engine	4.0	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine	4.3	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for ISA	4.0	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for ISA	4.3	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Netapp Filer	4.0	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Messaging	4.3	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Netapp NetCache	4.0	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Network Attached Storage	4.3	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Bluecoat	4.0	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Caching	4.3	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Microsoft SharePoint	4.3	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Clearswift	4.0	All	SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Clearswift	4.3	All	SAVSE 4.3.12

Non-Affected Product(s)

Product	Version	Build
Symantec AntiVirus Scan Engine	4.1	All

Patrick

193 Posts

Reply Subscribe

Oct 5th 2005
1 decade ago