Symantec LiveUpdate Security Flaw

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Symantec LiveUpdate Security Flaw

    Overview
    Security analysts from Secure Network Operations notified Symantec of a potential issue with the NetDetect task that runs as a scheduled task as a part of Automatic LiveUpdate. If the system is configured as a multi-user system with privileged and non-privileged user access, a non-privileged user could potentially access and manipulate the Symantec Windows LiveUpdate GUI functionality to gain privileged system access.

    NOTE: Neither of these potential issues could be used to deploy malware or result in remote access to a client system.

    Affected Components
    Symantec Windows LiveUpdate prior to v2.5
    Symantec Norton SystemWorks 2001-2004
    Symantec Norton AntiVirus and Pro 2001-2004
    Symantec Norton Internet Security and Pro 2001-2004
    Symantec AntiVirus for Handhelds Retail and Corporate Edition v3.0
    Link and more info: http://securityresponse.symantec.com...04.12.13a.html
    -Simon "SDK"

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    I don't have a vulnerable version so I can't test it, but I would think someone could browse to %system%, start regedit (or just run a .reg file) and use svchost to start a netcat server at boot-up. When an admin logged in, the whole network could be accessed with psexec. Methinks they're playing it down some.

    From the link you gave:

    Symantec Response
    Symantec engineers had already identified this issue in supported versions of Symantec Windows LiveUpdate and were in the process of addressing it when Secure Network Operations analysts contacted us with their verification of the issue. Symantec addressed this issue in Symantec Windows LiveUpdate v2.5, which if customers have been keeping their systems updated should have already been installed on affected Symantec products. The latest version of Symantec Windows LiveUpdate is also available for download from the Symantec technical support site at
    http://www.symantec.com/techsupp/files/lu/lu.html.