Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA29140] Symantec Products Symantec Decomposer RAR File Handling Vulnerabilities



>
> TITLE:
> Symantec Products Symantec Decomposer RAR File Handling
> Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA29140
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/29140/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> DoS, System access
>
> WHERE:
> From remote
>
> SOFTWARE:
> Symantec AntiVirus for Network Attached Storage 4.x
> http://secunia.com/product/4625/
> Symantec AntiVirus Scan Engine 4.x
> http://secunia.com/product/3040/
> Symantec AntiVirus/Filtering for Domino 3.x
> http://secunia.com/product/2029/
> Symantec Mail Security for Exchange 4.x
> http://secunia.com/product/2820/
> Symantec Mail Security for Microsoft Exchange 5.x
> http://secunia.com/product/6650/
> Symantec Scan Engine 5.x
> http://secunia.com/product/6651/
>
> DESCRIPTION:
> Two vulnerabilities have been reported in various Symantec products,
> which can be exploited by malicious people to cause a DoS (Denial of
> Service) or compromise a vulnerable system.
>
> 1) A boundary error in Symantec's Decomposer engine can be exploited
> to cause a stack-based buffer overflow when handling a specially
> crafted .RAR file.
>
> Successful exploitation allows execution of arbitrary code.
>
> 2) An error in Symantec's Decomposer engine can be exploited to cause
> the process to consume large amounts of memory when handling a
> specially crafted .RAR file.
>
> The vulnerabilities affect all builds of the following products:
> * Symantec AntiVirus for Network Attached Storage version 4.3.16.39
> and prior
> * Symantec AntiVirus Scan Engine version 4.3.16.39 and prior
> * Symantec AntiVirus Scan Engine for Caching version 4.3.16.39 and
> prior
> * Symantec AntiVirus Scan Engine for Clearswift version 4.3.16.39 and
> prior
> * Symantec AntiVirus Scan Engine for Messaging version 4.3.16.39 and
> prior
> * Symantec AntiVirus Scan Engine for MS ISA version 4.3.16.39 and
> prior
> * Symantec AntiVirus Scan Engine for MS SharePoint version 4.3.16.39
> and prior
> * Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris)
> all versions
> * Symantec Mail Security for Microsoft Exchange version 4.6.5.12 and
> prior
> * Symantec Mail Security for Microsoft Exchange version 5.0.4.363 and
> prior
> * Symantec Scan Engine version 5.1.4.24 and prior
>
> SOLUTION:
> Update to the latest versions. Please see the vendor's advisory for
> details.
>
> PROVIDED AND/OR DISCOVERED BY:
> 1) Discovered by an anonymous researcher and reported via iDefense
> Labs.
> 2) Discovered by an anonymous researcher and reported via iDefense
> Labs.
>
> ORIGINAL ADVISORY:
> SYM08-006:
> http://www.symantec.com/avcenter/security/Content/2008.02.27.html
>
> iDefense Labs:
> http://labs.idefense.com/intelligence/vulnerabilities/display.
> php?id=666
> http://labs.idefense.com/intelligence/vulnerabilities/display.
> php?id=667
>
>



 




Copyright © Lexa Software, 1996-2009.