Internet security software vendor Symantec Corp. has shipped a patch for a pair of security flaws affecting users of its enterprise-facing Brightmail AntiSpam product.
According to a security advisory from Symantec, the vulnerabilities can be exploited by malicious hackers to launch denial-of-service attacks.
The company warned users of Symantec Brightmail AntiSpam 6.x to upgrade immediately to protect against remote attacks.
Security alerts aggregator Secunia Inc. rates the flaws as “moderately critical” and recommends that users apply Symantec's Patch 157.
The first bug is described as an error in the anti-virus program when scanning or cleaning certain messages. The error occurs, for example, when scanning messages containing deeply nested zip files and may be exploited to cause Brightmail to process the messages for an extended period of time.
A second error in the decomposer occurs when processing messages containing winmail.dat objects embedded in a MIME file. A malicious attacker may exploit this flaw to crash the decomposer, Symantec acknowledged.
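The first flaw is a resource-exhaustion problem: a scanner that unpacks archives recursively needs hard budgets on nesting depth, entry count and decompressed bytes. The sketch below is an added example, not Symantec's code; the function names and limit values are assumptions chosen for illustration, and the nested sample archive is constructed in memory.

```python
import io
import zipfile

class ScanLimitExceeded(Exception):
    """Raised when an attachment exceeds a decomposition budget."""

def scan_zip(data, max_depth=5, max_total_bytes=10_000_000, max_entries=1000):
    """Walk nested zips under fixed budgets; return the count of leaf files."""
    budget = {"bytes": max_total_bytes, "entries": max_entries}

    def walk(blob, depth):
        if depth > max_depth:
            raise ScanLimitExceeded(f"nesting deeper than {max_depth}")
        leaves = 0
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                budget["entries"] -= 1
                if budget["entries"] < 0:
                    raise ScanLimitExceeded("too many entries")
                # Read at most budget+1 bytes so a false header size cannot
                # make the scanner inflate more than it has allowed itself.
                with zf.open(info) as fh:
                    member = fh.read(budget["bytes"] + 1)
                budget["bytes"] -= len(member)
                if budget["bytes"] < 0:
                    raise ScanLimitExceeded("decompressed size budget exhausted")
                if zipfile.is_zipfile(io.BytesIO(member)):
                    leaves += walk(member, depth + 1)
                else:
                    leaves += 1  # a real scanner would inspect the member here
        return leaves

    return walk(data, 1)

def classify(data, **limits):
    """Fail closed: anything that cannot be fully scanned is quarantined."""
    try:
        return ("scanned", scan_zip(data, **limits))
    except ScanLimitExceeded as exc:
        return ("quarantine", str(exc))
    except zipfile.BadZipFile:
        return ("quarantine", "malformed archive")

def make_nested(levels):
    """Constructed sample: a small text file wrapped in `levels` zip layers."""
    blob, name = b"hello", "note.txt"
    for i in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(name, blob)
        blob, name = buf.getvalue(), f"layer{i}.zip"
    return blob
```

The budgets are shared across the whole message rather than reset per layer, so many shallow archives cannot add up to the same cost as one deep one.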
It is the second time this year that Symantec has rushed out security fixes for holes in the Brightmail program. Back in June, the company shipped a Brightmail upgrade to fix an error in the static database administration password, which could be exploited to gain administrative access to the database containing quarantined messages for review.
Symantec acquired Brightmail for approximately $370 million in cash last May with long-term plans to integrate the anti-spam software into its own family of gateway appliances.