pcAnywhere SymEvent Driver Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1016896 |
|
SecurityTracker URL: http://securitytracker.com/id/1016896
|
|
CVE Reference:
CVE-2006-4855
(Links to External Site)
|
Date: Sep 21 2006
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
|
Version(s): 11.5 only
|
Description:
A vulnerability was reported in pcAnywhere. A local user can cause denial of service conditions.
A local user can provide excessive arbitrary data to the Symantec SymEvent driver to cause the driver to halt the system. A reboot is required to return the system to normal operations.
Other Symantec products are affected, including Norton Personal Firewall, Norton Internet Security, Norton SystemWorks, Norton Anti-Virus, Symantec AntiVirus Corporate Edition, Symantec pcAnywhere, and Symantec Host IDS.
David Matousek reported this vulnerability.
The original advisory is available at:
http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php
|
Impact:
A local user can cause the target system to halt.
|
Solution:
The vendor has issued a fixed version of SymEvent (11.6.8).
The Symantec advisory is available at:
http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html
|
Vendor URL: securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 20 Sep 2006 15:13:48 -0400
Subject: Norton/Symantec product vulnerabilities
|
http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html
SYM06-018
September 20, 2006
Symantec: SymEvent Driver Local Access System Denial of Service
|
|
