Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Symantec's Anti-Virus Vulnerable To Crashes

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Symantec's Anti-Virus Vulnerable To Crashes
Date: Wed, 30 Mar 2005 00:35:32 -0600 (CST) 
http://www.techweb.com/wire/security/159907804

[Symantec users better patch quickly! 
http://news.com.com/Mytob+e-mail+worm+proliferating+quickly/2100-7349_3-5644978.html
or maybe not... 
http://www.itnews.com.au/newsstory.aspx?CIaNCID=35&CIaNID=18367  - WK]


By TechWeb News 
March 29, 2005

Symantec's Norton AntiVirus line has a pair of vulnerabilities that 
hackers could exploit to crash or hang a targeted PC, Symantec 
announced Monday. 

The Cupertino, Calif.-based security company's consumer AntiVirus 2004 
and AntiVirus 2005 series are at risk, said Symantec, as well as the 
Internet Security and SystemWorks lines, which bundle AntiVirus with 
other security or PC maintenance tools. 

Errors can be forced, said Symantec, by attackers feeding specific 
file types to a machine protected by AntiVirus' Auto-Protect module, 
or by renaming a file on a network share that's then scanned by 
Auto-Protect. (Auto-Protect is Symantec's name for the real-time 
scanner that sniffs through files as they're opened or downloaded.) 

The errors can cause the PC to either slow down to the point of being 
unusable, then crash, or hang, forcing its user to reboot. 

Symantec has issued patches for the vulnerabilities and has already 
fed them to AntiVirus users who have Automatic LiveUpdate enabled. 
Others should run LiveUpdate immediately from within their copies of 
Norton AntiVirus. 

Symantec posted a security alert on its Web site [1] with more 
details. 

[1] 
http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html



_________________________________________
Network Security - http://www.auditmypc.com
Free vulnerability test - How secure is your computer?
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Symantec's Anti-Virus Vulnerable To Crashes, InfoSec News <=
Previous by Date:  [ISN] Re: France puts a damper on flaw hunting (Part II), InfoSec News
Next by Date:  Re: [ISN] Stolen UC Berkeley Laptop Exposes Personal Data of Nearly 100,000, InfoSec News
Previous by Thread:  [ISN] Re: France puts a damper on flaw hunting (Part II), InfoSec News
Next by Thread:  Re: [ISN] Stolen UC Berkeley Laptop Exposes Personal Data of Nearly 100,000, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]