‘Critical’ Symantec security holes
p2pnet.net News:- Security company eEye is on a roll.
Around the time Sasser was identified, Apple Computer was issuing a fix for a QuickTime vulnerability it described as minor but which eEye Digital Security, which found the flaw, said was in fact serious.
Now it seems virtually the entire range of Symantec security software from Norton Internet Security to the Symantec Firewall needs revising, says eEye.
“Symantec was informed of the holes on April 19, and provided patches for them today,” says a COMPUTERWORLD story here.
“The patches should be installed as part of the Live Update feature in most packages, but some will require the manual download and installation of patches, and those that have automatic updating switched off will need to run Live Update as soon as possible.”
In its two most recent warnings, eEye speficies:
Symantec Multiple Firewall NBNS Response Processing Stack Overflow (AD20040512A)
- a critical vulnerability in the Symantec firewall product line that would allow a remote, anonymous attacker to execute arbitrary code on a system running an affected version of the product.
Symantec Multiple Firewall DNS Response Denial-of-Service (AD20040512B)
- a second vulnerability in the Symantec firewall product line that can be remotely exploited to cause a severe denial-of-service condition on systems running a default installation of an affected version of the product.
Symantec Multiple Firewall NBNS Response Remote Heap Corruption (AD20040512C)
- a critical remote vulnerability within the Symantec firewall product line. There is a remote heap corruption vulnerability in SYMDNS.SYS, a driver that validates NetBIOS Name Service responses, which can lead to execution of arbitrary code for various Symantec products. Successful exploitation of this flaw yields remote kernel access to the system.
