Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NT] Symantec Device Driver Elevation of Privilege

from [SecuriTeam] Network Security [Permanent Link]
Subject: [NT] Symantec Device Driver Elevation of Privilege
Date: 24 Oct 2006 12:09:38 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Symantec Device Driver Elevation of Privilege
------------------------------------------------------------------------


SUMMARY

Symantec was notified of a vulnerability in a device driver which, if 
successfully exploited, could allow a local attacker to execute arbitrary 
code with elevated privileges or to crash the system.

DETAILS

Affected Products:
 * Symantec AntiVirus Corporate Edition version 8.1
 * Symantec AntiVirus Corporate Edition version 9.0.3 and earlier
 * Symantec Client  Security version 1.1
 * Symantec Client Security version 2.0.3 and earlier

Unaffected Products:
 * Symantec AntiVirus Corporate Edition version 8.1.1 MR9
 * Symantec AntiVirus Corporate Edition version 9.0.4 and later
 * Symantec AntiVirus Corporate Edition version 10.x
 * Symantec Client Security version 3.x
 * Norton AntiVirus 2005 and later
 * Norton Internet Security 2005 and later
 * Norton System Works  2005 and later

Boon Seng Lim notified Symantec of a vulnerability in SAVRT.SYS which 
could allow a malicious user to use the output buffer of 
DeviceIOControl()to overwrite kernel addresses because the address space 
of the output buffer was not properly validated.  A successful exploit 
could potentially allow a local attacker to execute code of their choice 
with elevated privileges, or to crash the system.

Symantec Response:
Symantec engineers verified that this issue exists in the affted products 
list above, and have released updates for currently supported affected 
products.

Symantec is not aware of any customers impacted by this issue, or of any 
attempts to exploit the issue.

Any future updates to this adivsory will be posted in the Symantec 
Advisory:
 <http://www.symantec.com/avcenter/security/Content/2006.10.23.html> 
http://www.symantec.com/avcenter/security/Content/2006.10.23.html

CVE Information:
 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3455> 
CVE-2006-3455


ADDITIONAL INFORMATION

The information has been provided by  <mailto:secure@symantec.com> 
Symantec.
The original article can be found at:  
<http://www.symantec.com/avcenter/security/Content/2006.10.23.html> 
http://www.symantec.com/avcenter/security/Content/2006.10.23.html



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NT] Symantec Device Driver Elevation of Privilege, SecuriTeam <=
Previous by Date:  [NEWS] SQL Injection in package MDSYS.SDO_LRS, SecuriTeam
Next by Date:  [NT] CruiseWorks Buffer Overflow and Directory Traversal, SecuriTeam
Previous by Thread:  [NEWS] SQL Injection in package MDSYS.SDO_LRS, SecuriTeam
Next by Thread:  [NT] CruiseWorks Buffer Overflow and Directory Traversal, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]