lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <OF3EA7D974.428EF713-ON86256E70.00469599-86256E70.0047560B@symantec.com>
Date: Thu, 8 Apr 2004 08:01:29 -0500
From: Sym Security <secure@...antec.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re:  Symantec Virus Detection(Free ActiveX) - Remote Buffer Overflow, Apr 7
 2004 2:22AM


In Response to:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application:    Symantec Virus Detection(Free ActiveX)
Vendors: 
http://security.symantec.com/sscv6/vc_scan.asp?langid=ie&venid=sym&plfid=23&pkj=WJDORSJRFSKLUKUMXCC&vc_scanstate=2

Platforms:        Windows
Bug:                 Buffer Overflow
Risk:                 High - Running Arbitary Code
Exploitation:    Remote with browser
Date:                1 Apr 2004
Author:             Rafel Ivgi, The-Insider
e-mail:              the_insider mail com
web:                 http://theinsider.deep-ice.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1) Introduction
2) Bugs
3) The Code

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


-------------------------------------snip-----------------------------------------------------------------------------




Symantec has closely reviewed our Symantec Security Check based on Rafel 
Ivgi's finding in the referenced posting.
We have confirmed there is no buffer overflow and no remote code execution 
issue in the Symantec Security Check application. 
However, Symantec engineers were able to recreate a very low risk process 
crash given a sufficently large quanity of data passed
to the function in question. 

Following this scenerio, a user who recently ran a virus/security scan 
using Symantec Security Check could possibly see their 
browser crash were they to visit a malicious web site that was able to 
successfully exploit that issue.  In no instance would the
attacker be able to execute any remote code on the user system nor would 
the attacker gain access to any unauthorized information 
on the user's system through an attack against  Symantec's  Security Check 
application.

Symantec takes the security and functionality of our products very 
seriously and we are addressing the process crash issue in
Symantec Security Check.  Symantec will work closely in cooperation with 
anyone who feels they have found an issue in a Symantec product.
Contact secure@...antec.com.

Symantec Product Security Team
secure@...antec.com
http://www.symantec.com/security



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ