TITLE:
Symantec Norton Personal Firewall Denial of Service
SECUNIA ADVISORY ID:
SA21938
VERIFY ADVISORY:
http://secunia.c
om/advisories/21938/
CRITICAL:
Not critical
IMPACT:
DoS
WHERE:
Local system
SOFTWARE:
Symantec Norton Personal Firewall 2005
http://secunia.com/p
roduct/6637/
Symantec Norton Personal Firewall 2006
http://secunia.com/p
roduct/6638/
DESCRIPTION:
A vulnerability in Symantec Norton Personal Firewall, which
can be exploited by malicious, **LOCAL** users to cause
a Denial of Service.
The vulnerability is caused due to an error in the handling
of
data
sent to the "\Device\SymEvent" device which is
writable by
"Everyone". This can be exploited to crash a
vulnerable system
by
sending malformed data.
The vulnerability has been confirmed in Symantec Norton
Personal
Firewall 2005 versions 8.0.5.14 and 8.0.7.1, and has also
been
reported in Symantec Norton Personal Firewall 2006 version
9.1.0.33.
Other versions may also be affected.
SOLUTION:
Grant only trusted users access to affected systems.
ORIGINAL ADVISORY:
http:/
/www.matousec.com/info/advisories/Norton-Insufficient-valida
tion-of-SymEvent-driver-input-buffer.php
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|