Multiple Vulnerabilities Found in Symantec Client Products

Remote attackers could disable or take control of systems running Symantec clients, including Norton Internet Security.

Symantec has acknowledged several serious bugs in several of its client security products in both corporate and consumer editions.

The problems, reported to Symantec Corp. by eEye Digital Security, involve several functions of the products but one specific file, SYMDNS.SYS.

Symantec has provided a brief description, stating that fixes for all of the problems are available through its LiveUpdate and technical-support channels.

Products affected include Symantec Client Firewall versions 5.0.0 through 5.1.1; Symantec Client Security 1.0.0, 1.1.0 and 2.0.0; Norton AntiSpam 2004; Norton Internet Security 2002 through 2004; and Norton Internet Security Professional Edition 2002 through 2004.

/zimages/3/28571.gifFor insights on security coverage around the Web, check out Security Center Editor Larry Seltzers Weblog.

DNS response is one of the functions listed as having such an error. A malicious response to a DNS request could cause the program to fail or alter the flow of the program. There are also errors in the processing of NetBIOS Name Service responses that could allow remote code execution or denial of service. Since NetBIOS is not a routable protocol, such attacks would have to come from within a network segment.

/zimages/3/28571.gifCheck out eWEEK.coms Security Center at for security news, views and analysis. Be sure to add our security news feed to your RSS newsreader or My Yahoo page: /zimages/3/19420.gif