Symantec N360 version 2.0
Symantec Norton Internet Security 2006 through 2008
Symantec Norton AntiVirus 2006 through 2008
Symantec Norton SystemWorks 2006 through 2008
Symantec Norton Confidential 2006 through 2008
Symantec Client Security versions 3.0.x
Symantec Client Security versions 3.1.x
III. SOLUTION
----------------
ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-018
April 28, 2009
-- CVE ID:
CVE-2009-1430
-- Affected Vendors:
Symantec
Norton Personal Firewall 2005, 2006
Norton System Works 2005, 2006
Symantec AntiVirus Corporate Edition 10.0
Symantec AntiVirus Corporate Edition 10.1, prior to SAV 10.1 MR6 MP1
Symantec AntiVirus Corporate Edition 9, prior to SAV 9 MR6 MP1
Symantec Client Security 3.1, prior to SCS 3.1 MR6 MP1
Symantec Client Security 2.x, prior to SCS 2.0 MR6 MP1
Unaffected Products
- Symantec AntiVirus for Caching
- Symantec AntiVirus for Messaging
- Symantec Protection for SharePoint Servers
- Symantec Protection Suite
- Symantec Scan Engine
- Symantec Client Security
- Symantec Endpoint Protection
- Symantec AntiVirus Corporate Edition
- Norton Internet Security
- Norton 360
- Norton AntiVirus
I. BACKGROUND
Symantec System Center is an MMC (Microsoft Management Console) snap-in
that allows an administrator to remotely manage Symantec products. The
Symantec System Center comes bundled with several Symantec products,
including Symantec Client Security and Symantec AntiVirus. It contains
an optional component called the Alert Management System Console. This
component starts a service (Intel File Transfer) that listens on TCP
port 12174.
II. DESCRIPTION
