lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 24 Feb 2010 01:46:19 +0100
From: "VUPEN Security Research" <advisories@...en.com>
To: <bugtraq@...urityfocus.com>
Subject: VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow Vulnerability 

VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow 
Vulnerability

http://www.vupen.com/english/research.php


I. DESCRIPTION
--------------------- 

VUPEN Vulnerability Research Team discovered a vulnerability in various
Symantec security products.

The vulnerability is caused by a buffer overflow error in the SYMLTCOM.dll
module when processing user-supplied data, which could be exploited by
remote attackers to execute arbitrary code by tricking a user into visiting
a specially crafted web page on a domain masqueraded as an authorized site.


II. AFFECTED PRODUCTS
--------------------------------

Symantec N360 version 1.0
Symantec N360 version 2.0
Symantec Norton Internet Security 2006 through 2008
Symantec Norton AntiVirus 2006 through 2008
Symantec Norton SystemWorks 2006 through 2008
Symantec Norton Confidential 2006 through 2008
Symantec Client Security versions 3.0.x
Symantec Client Security versions 3.1.x


III. SOLUTION
---------------- 

Symantec Client Security - Upgrade to SCS 3.1 MR9

Norton Consumer products - Run LiveUpdate in interactive mode


IV. CREDIT
-------------- 

The vulnerabilities were discovered by VUPEN Security


V. ABOUT VUPEN Security
---------------------------------

VUPEN is a leading IT security research company providing vulnerability
management services to allow enterprises and organizations to eliminate
vulnerabilities before they can be exploited, ensure security policy
compliance and meaningfully measure and manage risks.

VUPEN also provides research services for security vendors (antivirus,
IDS, IPS,etc) to supplement their internal vulnerability research efforts
and quickly develop vulnerability-based and exploit-based signatures,
rules, and filters, and proactively protect their customers against
potential threats.

* VUPEN Vulnerability Notification Service:

http://www.vupen.com/english/services

* VUPEN Exploits and In-Depth Vulnerability Analysis:

http://www.vupen.com/exploits


VI. REFERENCES
----------------------

http://www.vupen.com/english/advisories/2010/0411
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0107


VII. DISCLOSURE TIMELINE
----------------------------------- 

2008-04-07 - Vendor notified
2008-04-08 - Vendor response
2008-05-09 - Status update received
2008-06-10 - Status update received
2008-12-05 - Status update received
2010-02-18 - Patches available, public disclosure



Powered by blists - more mailing lists