Secunia Security Advisory - Some vulnerabilities have been reported in Symantec Norton AntiVirus for Macintosh and Symantec LiveUpdate for Macintosh, which can be exploited by malicious, local users to gain escalated privileges.
abe4f790cafd29832c1b4edc67b57a8a7f55b54ddff27131a9138858cdb57250
TITLE:
Symantec Norton AntiVirus / LiveUpdate for Macintosh Privilege
Escalation
SECUNIA ADVISORY ID:
SA17268
VERIFY ADVISORY:
http://secunia.com/advisories/17268/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
SOFTWARE:
Symantec Norton Utilities for Macintosh 8.x
http://secunia.com/product/5953/
Symantec LiveUpdate for Macintosh 3.x
http://secunia.com/product/5954/
Symantec Norton AntiVirus for Macintosh 10.x
http://secunia.com/product/5949/
Symantec Norton AntiVirus for Macintosh 9.x
http://secunia.com/product/5948/
Symantec Norton Internet Security for Macintosh 3.x
http://secunia.com/product/5951/
Symantec Norton Personal Firewall for Macintosh 3.x
http://secunia.com/product/5950/
Symantec Norton SystemWorks for Macintosh 3.x
http://secunia.com/product/5952/
DESCRIPTION:
Some vulnerabilities have been reported in Symantec Norton AntiVirus
for Macintosh and Symantec LiveUpdate for Macintosh, which can be
exploited by malicious, local users to gain escalated privileges.
1) The suid "DiskMountNotify" component of Symantec Norton AntiVirus
for Macintosh fails to set its execution path environment. This may
be exploited by malicious users to execute arbitrary commands with
System Administrative privileges by modifying the execution path that
the component uses to locate system commands.
The vulnerability has been reported in the following versions :
* version 9.0.0, 9.0.1
* version 9.0.2 (English, Japanese)
* version 9.0.2 Build 5 (French, German, Italian)
* version 9.0.3 (English, Japanese)
* version 10.0.0, 10.0.1
2) The LiveUpdate component uses a suid command-line application to
interface with the Java interpreter. This can be exploited by
malicious users to execute arbitrary Java code with System
Administrative privileges using the interface application.
The vulnerability has been reported in the following products:
* LiveUpdate for Macintosh versions 3.0.0, 3.0.1 and 3.0.2
* LiveUpdate for Macintosh version 3.0.3 Build 5 (English)
* LiveUpdate for Macintosh version 3.0.3 Build 11, 3.5.0 Build 47
* Norton AntiVirus 9.0.x, 10.0.0, 10.0.1
* Norton Personal Firewall 3.0.x, 3.1.0
* Norton Internet Security 3.0.x
* Norton Utilities 8.0.x
* Norton SystemWorks 3.0.x
SOLUTION:
Update to the latest version via Live Update.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits iDEFENSE.
ORIGINAL ADVISORY:
http://securityresponse.symantec.com/avcenter/security/Content/2005.10.19.html
http://securityresponse.symantec.com/avcenter/security/Content/2005.10.19a.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed