Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > 'High' risk in Symantec (Norton) antivirus software flaw

Reply
Thread Tools

'High' risk in Symantec (Norton) antivirus software flaw

 
 
Tony
Guest
Posts: n/a
 
      12-21-2005
Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
potentially can be exploited by malicious people to compromise a vulnerable
system.

The vulnerability is caused due to a boundary error in Dec2Rar.dll when
copying data based on the length field in the sub-block headers of a RAR
archive. This can be exploited to cause a heap-based buffer overflow and may
allow arbitrary code execution when a malicious RAR archive is scanned.

The vulnerability has been reported in Dec2Rar.dll version 3.2.14.3 and
potentially affects all Symantec products that use the DLL.

Affected software listed here http://secunia.com/advisories/18131/

Symantec has not yet released a patch to address this problem. In the
meantime, Wheeler recommends that users "disable scanning of RAR-compressed
files until the vulnerable code is fixed."


 
Reply With Quote
 
 
 
 
Evan Platt
Guest
Posts: n/a
 
      12-21-2005
On Wed, 21 Dec 2005 19:24:22 -0000, "Tony" <(E-Mail Removed)> wrote:

>Symantec has not yet released a patch to address this problem. In the
>meantime, Wheeler recommends that users "disable scanning of RAR-compressed
>files until the vulnerable code is fixed."


I think a better suggestion would be to remove Symantec and use
something else.
 
Reply With Quote
 
 
 
 
joevan
Guest
Posts: n/a
 
      12-21-2005
On Wed, 21 Dec 2005 11:34:16 -0800, Evan Platt
<evan@*******************************> wrote:

>On Wed, 21 Dec 2005 19:24:22 -0000, "Tony" <(E-Mail Removed)> wrote:
>
>>Symantec has not yet released a patch to address this problem. In the
>>meantime, Wheeler recommends that users "disable scanning of RAR-compressed
>>files until the vulnerable code is fixed."

>
>I think a better suggestion would be to remove Symantec and use
>something else.


Like Kaspersky, which is the best and prolly cost no more than
Symantec.
--
"Politicians are like diapers. They should both be changed frequently
and for the same reason."
 
Reply With Quote
 
Eroluk the minnow-embezzler
Guest
Posts: n/a
 
      12-21-2005
joevan <(E-Mail Removed)> wrote:

> I've got a haemmorrhoid sticking out. It's all squeezy & squashy down
> there; it's about the size of a wallnut. Can I snip it off?


 
Reply With Quote
 
Noel Paton
Guest
Posts: n/a
 
      12-21-2005

"Evan Platt" <evan@*******************************> wrote in message
news:(E-Mail Removed)...
> On Wed, 21 Dec 2005 19:24:22 -0000, "Tony" <(E-Mail Removed)> wrote:
>
>>Symantec has not yet released a patch to address this problem. In the
>>meantime, Wheeler recommends that users "disable scanning of
>>RAR-compressed
>>files until the vulnerable code is fixed."

>
> I think a better suggestion would be to remove Symantec and use
> something else.


*Anything* else??

Common sense is a good starting point!

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's


 
Reply With Quote
 
Plato
Guest
Posts: n/a
 
      12-22-2005
Tony wrote:
>
> Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
> potentially can be exploited by malicious people to compromise a vulnerable
> system.


All anti-virus programs have niggles. This is NOT new news.




--
http://www.bootdisk.com/


 
Reply With Quote
 
Tony
Guest
Posts: n/a
 
      12-22-2005

"Plato" <|@|.|> wrote in message
news:43aa4d14$1$33425$(E-Mail Removed)...
> Tony wrote:
>>
>> Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
>> potentially can be exploited by malicious people to compromise a
>> vulnerable
>> system.

>
> All anti-virus programs have niggles. This is NOT new news.
>

Not just anti-virus programs but lots of programs do. This is a specific
vulnerability that has just been announced so this is "new news". I posted
it to inform people who may wish to know and might have an issue if they
download RAR files. If you don't want to know then move on and don't read
the post.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Symantec Posts Fix To AV Flaw Imhotep Computer Security 2 05-30-2006 12:17 AM
Outlook TNEF flaw could be much worse than WMF flaw Au79 Computer Support 0 01-13-2006 10:48 PM
IE Flaw Puts Windows XP SP2 At Risk Imhotep Computer Security 0 09-17-2005 07:06 PM
MICROSOFT Investigating High-Risk IE Flaw Au79 Computer Support 0 09-03-2005 09:09 PM
symantec: norton antivirus versus norton antivirus corporate alexander rickert Computer Information 3 11-03-2004 09:37 PM



Advertisments