Symantec Antivirus Scan Engine: Web Service Administrative Interface Buffer Overflow

Published: 2005-10-05
Last Updated: 2005-10-05 11:20:04 UTC
by Patrick Nolan (Version: 1)
0 comment(s)
iDEFENSE Labs has notified Symantec about a remotely exploitable buffer overflow vulnerability in the Symantec AntiVirus Scan Engine that can allow remote attackers to execute arbitrary code. The iDEFENSE Advisory says "A remote attacker can send a specially crafted HTTP request to the administrative Scan Engine Web Wervice on port 8004 to crash the service or execute arbitrary code."

Patch today folks.

Symantec's Advisory, (with patch and mitigation information) states the "Risk Impact" is High. Affected versions listed are;

Product Version Build Solution

Symantec AntiVirus Scan Engine 4.0 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine 4.3 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for ISA 4.0 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for ISA 4.3 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Netapp Filer 4.0 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Messaging 4.3 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Netapp NetCache 4.0 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Network Attached Storage 4.3 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Bluecoat 4.0 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Caching 4.3 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Microsoft SharePoint 4.3 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Clearswift 4.0 All SAVSE 4.3.12
Symantec AntiVirus Scan Engine for Clearswift 4.3 All SAVSE 4.3.12

Non-Affected Product(s)

Product Version Build
Symantec AntiVirus Scan Engine 4.1 All

Keywords:
0 comment(s)

Comments


Diary Archives