Security-Alerts mailing list archive (email@example.com)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] FW: [SA26178] Norman Antivirus Products Multiple File Parsing Vulnerabilities
> Norman Antivirus Products Multiple File Parsing Vulnerabilities
> SECUNIA ADVISORY ID:
> VERIFY ADVISORY:
> Highly critical
> Security Bypass, DoS, System access
> From remote
> Norman Virus Control 5.x (Windows)
> Norman Virus Control 5.x for Domino
> Norman Virus Control 5.x for Exchange 2000
> Norman Virus Control 5.x for Exchange 5.5
> Norman Virus Control 5.x for Firewall-1
> Norman Virus Control 5.x for IIS
> Norman Virus Control 5.x for Linux
> Norman Virus Control 5.x for MimeSweeper
> Sergio Alvarez has reported some vulnerabilities in Norman Antivirus
> products, which can be exploited by malware to bypass certain
> scanning functionality and by malicious people to cause a DoS (Denial
> of Service) or compromise a vulnerable system.
> 1) A boundary error when processing ACE archives can be exploited to
> cause a buffer overflow when e.g. scanning a specially crafted ACE
> 2) Three boundary errors when processing LZH archives can be
> exploited to cause a buffer overflow when e.g. scanning a specially
> crafted LZH archive.
> Successful exploitation of the vulnerabilities allow execution of
> arbitrary code.
> 3) A divide-by-zero error when processing DOC files can be exploited
> to to e.g. crash the application via a specially crafted DOC file.
> 4) An error within the processing of DOC files can be exploited to
> e.g. cause malware in a specially crafted DOC file to pass the
> scanning functionality undetected.
> The vulnerabilities are reported in version 5.90 of the scanner
> engine. Other versions may also be affected.
> Vulnerabilities #3 and #4 have reportedly been fixed in version
> 5.91.02 of the scanner engine.
> PROVIDED AND/OR DISCOVERED BY:
> Sergio Alvarez, n.runs AG
> ORIGINAL ADVISORY: