Results 1 to 10 of 10

Thread: Symantec Issues - Heads-up!

  1. #1
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Symantec Issues - Heads-up!

    Just got this from Symantec:

    SAVCE elevation of privilege vulnerability

    Overview:
    An elevation of privilege vulnerability in Symantec Client Security and
    Symantec AntiVirus Corporate Edition could potentially allow a local
    attacker to

    execute code with elevated privileges on the target machine.


    Affected Products
    Listed as:
    Product Version
    Affected Build
    Solution
    Applicable Link

    Symantec AntiVirus Corporate Edition 10.0
    All builds prior to the solution
    SAV 10 MR2 MP2 (SAV 10.0.2.2020) and later.
    https://fileconnect.symantec.com/licenselogin.jsp

    Symantec AntiVirus Corporate Edition 9.x
    All builds prior to the solution
    SAV 9 MR5 MP1 (SAV 9.0.5.1100 )and later.
    https://fileconnect.symantec.com/licenselogin.jsp

    Symantec AntiVirus Corporate Edition 8.1
    All builds prior to the solution
    SAV 8.1.1 MR9 build 393 and later.
    https://fileconnect.symantec.com/licenselogin.jsp

    Symantec Client Security 3.0
    All builds prior to the solution
    SCS 3.0.2 MR2-MP2 - build 2020 and later.
    https://fileconnect.symantec.com/licenselogin.jsp

    Symantec Client Security 2.x
    All builds prior to the solution
    SCS 2.0.5 MR5 MP 1 build 1100 and later.
    https://fileconnect.symantec.com/licenselogin.jsp

    Symantec Client Security 1.x
    All builds prior to the solution
    SCS 1.1.1 MR9 build 393


    Note: SCS 1.1.1 and SAV 8.1.1 MR9 are available in English and Japanese
    only. Symantec recommends that SAV Corporate 8.1.1 customers update to the

    international English version of SAV CE 8.1.1 or migrate to a non-vulnerable
    version of SAV Corporate Edition 9 or 10. Symantec Platinum Support
    customers

    can download the English 8.1 update from the Platinum web site. If you do
    not have access to the Platinum web site, please contact Symantec Technical

    Support to obtain the 8.1 update.



    Unaffected Products
    Listed as:
    Product Version
    Notes

    Symantec AntiVirus Corporate Edition 10.1
    No build of SAV CE 10.1 is affected

    Symantec Client Security 3.1
    No build of SCS 3.1 is affected

    Norton product line all
    None of the Norton products are affected


    Symantec Response:
    Symantec engineers have verified that these vulnerabilities exist in the
    product versions listed in the table above and have provided updates to
    address the

    issues.

    Symantec is not aware of any customers impacted by either of these issues or
    of any attempts to exploit them.
    As a part of normal best practices, users should keep vendor-supplied
    patches for all application software and operating systems up-to-date.
    Symantec

    recommends any affected customers update their product to protect against
    these types of threats.


    Mitigation:
    In a managed environment, administrators can lock the ability to change the
    notification messages. This option prevents users from easily changing the


    alert messages.


    For additional information and any updates, please see the following
    advisory: http://www.symantec.com/avcenter/sec...dvisories.html
    Cheers:
    DjM

  2. #2
    Junior Member
    Join Date
    Apr 2006
    Posts
    20
    Actually this has been out for quite a while now.

    http://www.securityfocus.com/bid/18107

    http://securityresponse.symantec.com...006.05.25.html

    Hope this helps!

  3. #3
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    stlivingston this was just released yeseterday by Symantec, try following the link provided.

    SYM06-017
    September 13, 2006
    Symantec AntiVirus Corporate Edition Elevation of Privilege

    It even has a different CVE assigned to it. The link you provided has a CVE-2006-2630 this one has CVE-2006-3454 and this indicates that this is a new and /different/ vulnerability. It may have the same outcome but it is probably achieved in a different way.

    Hope that helps

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  4. #4
    Junior Member
    Join Date
    Apr 2006
    Posts
    20
    Thanks for the heads up! I wasn't aware of this case.

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Good thing I upgraded all of our servers and clients to 10.1 the other week.
    =

  6. #6
    AO Guinness Monster MURACU's Avatar
    Join Date
    Jan 2004
    Location
    paris
    Posts
    1,003
    thanks for the heads up DJM. but looks like you have a troll stuck to your thread.
    \"America is the only country that went from barbarism to decadence without civilization in between.\"
    \"The reason we are so pleased to find other people\'s secrets is that it distracts public attention from our own.\"
    Oscar Wilde(1854-1900)

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Troll removed

  8. #8
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by nihil
    Troll removed
    Geeezzz nihil, at least you could have given me a chance to take a poke at him.



    Cheers:
    DjM

  9. #9
    Junior Member
    Join Date
    Apr 2006
    Posts
    20
    I'm still rather new to this site. What do you mean by troll?

    Sorry for my ignorance!

  10. #10
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by stlivingston
    I'm still rather new to this site. What do you mean by troll?

    Sorry for my ignorance!
    In Internet terminology, a troll is someone who comes into an established community such as an online discussion forum, and posts inflammatory, rude, repetitive or offensive messages designed intentionally to annoy or antagonize the existing members or disrupt the flow of discussion, including the personal attack of calling others trolls. Often, trolls assume multiple aliases, or sock puppets.
    More Info:

    Cheers:
    DjM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •