|
-
January 13th, 2004, 06:51 PM
#1
Vulnerabilities in several antivirus products
I did a quick search and didn't find anything about this issue so here goes:
Serious vulnerabilities in several antivirus products could result in denial-of-service conditions, local privilege escalation and other negative consequences. Fixes are available for some of the problems.
When scanning compressed files for virus signatures, antivirus products usually decompress the file first. However, the products with the flaw often don't limit the size of the resulting decompressed file, and extremely large files (billions of zeroes, for instance) can overwhelm the products. Decompressing a large file can take up all available file space on a machine, maxing out CPU usage and causing denial-of-service conditions on the machine.
A different vulnerability in Symantec Corp.'s LiveUpdate can be fixed with the latest patches. A variety of Symantec products are vulnerable to the escalation of privileges to SYSTEM by a local user.
Full story HERE
If this is a duplicate post/thread, let me know and I'll delete this one.
Chees:
-
January 28th, 2004, 09:43 PM
#2
Never heard anything about this, has there been any updated information provided?
-
January 28th, 2004, 10:38 PM
#3
Well, If the registry permissions are set properly I dont see where that would be an issue.
EDIT: Re-read the article....seems to have something to do with either runas and cmd or possibly cmd alone. Will see if I can duplicate it, just for laughs.
EDIT: Nope...can't duplicate it. It would be hard for a user to do that if you were running corporate edition with a NAV master server, as the server is the only system that runs live update. I tried a Win2K box that's running NAV 2003, but I guess I already have the patch.
-
January 28th, 2004, 11:26 PM
#4
i thought i had read something about that last week but its a little different:
http://secunia.com/advisories/10609/
what the people in the labs neglect to tell you is to get these exploits to work you must walk around the server seven time clockwise reciting diety names then kick it real hard
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
January 28th, 2004, 11:29 PM
#5
Originally posted here by Tedob1
what the people in the labs neglect to tell you is to get these exploits to work you must walk around the server seven time clockwise reciting diety names then kick it real hard
What....everybody knows that old trick. 
-
January 28th, 2004, 11:40 PM
#6
So are there really any problems like that? And if so what are the real ways to rectify the issue?
-
January 29th, 2004, 01:26 AM
#7
Simple, my young Padawan....Keep the AV updated and the OS patched, as well as properly secured.
-
January 29th, 2004, 01:33 AM
#8
Well doesnt that just make sense 
boogymantroy
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
