Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA26178] Norman Antivirus Products Multiple File Parsing Vulnerabilities



> ----------------------------------------------------------------------
>
> TITLE:
> Norman Antivirus Products Multiple File Parsing Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA26178
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/26178/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> Security Bypass, DoS, System access
>
> WHERE:
> From remote
>
> SOFTWARE:
> Norman Virus Control 5.x (Windows)
> http://secunia.com/product/1108/
> Norman Virus Control 5.x for Domino
> http://secunia.com/product/1161/
> Norman Virus Control 5.x for Exchange 2000
> http://secunia.com/product/1159/
> Norman Virus Control 5.x for Exchange 5.5
> http://secunia.com/product/1160/
> Norman Virus Control 5.x for Firewall-1
> http://secunia.com/product/1165/
> Norman Virus Control 5.x for IIS
> http://secunia.com/product/1162/
> Norman Virus Control 5.x for Linux
> http://secunia.com/product/1164/
> Norman Virus Control 5.x for MimeSweeper
> http://secunia.com/product/1163/
>
> DESCRIPTION:
> Sergio Alvarez has reported some vulnerabilities in Norman Antivirus
> products, which can be exploited by malware to bypass certain
> scanning functionality and by malicious people to cause a DoS (Denial
> of Service) or compromise a vulnerable system.
>
> 1) A boundary error when processing ACE archives can be exploited to
> cause a buffer overflow when e.g. scanning a specially crafted ACE
> archive.
>
> 2) Three boundary errors when processing LZH archives can be
> exploited to cause a buffer overflow when e.g. scanning a specially
> crafted LZH archive.
>
> Successful exploitation of the vulnerabilities allow execution of
> arbitrary code.
>
> 3) A divide-by-zero error when processing DOC files can be exploited
> to to e.g. crash the application via a specially crafted DOC file.
>
> 4) An error within the processing of DOC files can be exploited to
> e.g. cause malware in a specially crafted DOC file to pass the
> scanning functionality undetected.
>
> The vulnerabilities are reported in version 5.90 of the scanner
> engine. Other versions may also be affected.
>
> SOLUTION:
> Vulnerabilities #3 and #4 have reportedly been fixed in version
> 5.91.02 of the scanner engine.
>
> PROVIDED AND/OR DISCOVERED BY:
> Sergio Alvarez, n.runs AG
>
> ORIGINAL ADVISORY:
> http://www.nruns.com/security_advisory_Norman_all_ace_buffer_o
> verflow.php
> http://www.nruns.com/security_advisory_norman_antivirus_lzh_bu
> ffer_overflow.php
> http://www.nruns.com/security_advisory_norton_antivirus_doc_di
> vide_by_zero_dos.php
> http://www.nruns.com/security_advisory_norman_antivirus_doc_de
> pection_bypass.php
>



 




Copyright © Lexa Software, 1996-2009.