Additional Details on SAV 10 Vulnerability released by EEye

By Roger on June 13, 2006 10:40 AM | | Comments (0) | TrackBacks (0)

eEye has released additional details on the SAV 10 vulnerability.
http://www.eeye.com/html/research/advisories/AD20060612.html

As rumored the vulnerability is in the remote management, and would allow an attacker to run code with system priviledges.


Overview:
eEye Digital Security has discovered a vulnerability in the remote management interface for Symantec AntiVirus 10.x and Symantec Client Security 3.x, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system. The management interface is typically enabled in enterprise settings and listens on TCP port 2967 by default, for both server and client systems.

Categories

Antivirus

Tags

0 TrackBacks

Listed below are links to blogs that reference this entry: Additional Details on SAV 10 Vulnerability released by EEye.

TrackBack URL for this entry: http://www.infosecblog.org/mt-tb20071121.pl/208

Leave a comment

Powered by Ajax Comments

About this Entry

This page contains a single entry by Roger published on June 13, 2006 10:40 AM.

Yahoo Zero Day: JS.Yamanner Update was the previous entry in this blog.

Microsoft Software Removal Tool: Progress Made Trends Observed is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Subscribe to feed Subscribe to this blog's feed
Add to Google
Please contact me by leaving a comment where appropriate. Otherwise, you can click here to reveal an email address for me.
Got Backups? Get Safe Online Remember Rick Rescorla Powered by Movable Type 4.23-en

Search