Vulnerability Bulletins |
Desbordamiento de búfer en el manejo de archivos UPX en productos Symantec |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | Comercial Software |
| Affected software |
Norton AntiVirus for Microsoft Exchange 2.1 <build 2.18.85 Symantec Mail Security for Microsoft Exchange 4.0 <build 4.0.10.465 Symantec Mail Security for Microsoft Exchange 4.5 <build 4.5.3 Symantec AntiVirus/Filtering for Domino NT 3.1 <build 3.1.1 Symantec Mail Security for Domino 4.0 <build 4.0.1 Symantec AntiVirus/Filtering for Domino Ports 3.0 (AIX) < build 3.0.6 Symantec AntiVirus/Filtering for Domino Ports 3.0 (OS400, Linux, Solaris) <build 3.0.7 Symantec AntiVirus Scan Engine 4.3 <build 4.3.3 Symantec AntiVirus for Network Attached Storage <build 4.3.3 Symantec AntiVirus for Caching <build 4.3.3 Symantec AntiVirus for SMTP 3.1 <build 3.1.7 Symantec Mail Security for SMTP 4.0 <build 4.0.2 Symantec Web Security 3.0 <build 3.0.1.70 Symantec BrightMail AntiSpam 4.0 Symantec BrightMail AntiSpam 5.5 Symantec AntiVirus Corporate Edition 9.0 <build 9.01.1000 Symantec AntiVirus Corporate Edition 8.01, 8.1.1 Symantec Client Security 2.0 <build 9.01.1000 Symantec Client Security 1.0, 1.0 Symantec Gateway Security 2.0, 2.0.1 - 5400 Series Symantec Gateway Security 1.0 - 5300 Series Symantec Norton Antivirus 2004 / Windows Symantec Norton Internet Security 2004 (pro) / Windows Symantec Norton System Works 2004 / Windows Symantec Norton Antivirus 2004 / Macintosh Symantec Norton Internet Security 2004 / Macintosh Symantec Norton System Works 2004 / Macintosh Symantec Norton Antivirus 9.0 / Macintosh Symantec Norton Internet Security / Macintosh 3.0 Symantec Norton System Works / Macintosh 3.0 |
Description |
|
|
Se ha descubierto una vulnerabilidad de desbordamiento de búfer (en la zona de heap) en el módulo DEC2EXE utilizado en múltiples productos de Symantec. La vulnerabilidad reside en el manejo de los archivos UPX. La explotación de esta vulnerabilidad podría permitir a un atacante remoto ejecutar código arbitrario mediante un archivo UPX especialmente diseñado. |
|
Solution |
|
|
Actualización de software Symantec Actualizar productos afectados mediante Symantec LiveUpdate |
|
Standar resources |
|
| Property | Value |
| CVE | CAN-2005-0249 |
| BID | |
Other resources |
|
|
Symantec UPX Parsing Engine Heap Overflow http://securityresponse.symantec.com/avcenter/security/Content/2005.02.08.html ISS X-Force Advisory http://xforce.iss.net/xforce/alerts/id/187 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2005-02-09 |
| 1.1 | CAN añadido | 2005-02-24 |