Norton insufficiently checks calling standard Windows API functions RegSaveKey, RegRestoreKey and RegDeleteKey. A proper combination of mentioned function calls on registry key 'HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc' or on key 'HKLM\SYSTEM\CurrentControlSet\Services\SymEvent' causes a system crash due to erroneous implementation of Norton's driver. Norton Personal Firewall 2006 version 9.1.0.33 is affected. Other versions of Norton software may also be affected.
8691d1f66cce2d51c2c679dfa90755af6fd62ceaf01f42c021b8a8f45c7e0dd7Advisory 2006-07-15.02
Norton Insufficient protection of Norton service registry keys
Basic information:
Release date: July 15, 2006
Last update: July 17, 2006
Type: Implementation bugs
Character: System crash
Status: Unpatched bugs
Risk: Serious bugs
Exploitability: Locally exploitable bugs
Discoverability: Hardly discoverable bugs
Testing program: BTP00004P002NF.zip
Description:
Norton insufficiently checks calling standard Windows API functions RegSaveKey, RegRestoreKey and RegDeleteKey. A proper combination of mentioned function calls on registry key 'HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc' or on key 'HKLM\SYSTEM\CurrentControlSet\Services\SymEvent' causes a system crash due to erroneous implementation of Norton's driver.
Vulnerable software:
* Norton Personal Firewall 2006 version 9.1.0.33
* probably all versions of Norton Personal Firewall 2006 and Norton Internet Security 2006
* possibly older versions of Norton Personal Firewall and Norton Internet Security
Events:
* 2006-07-17: Vulnerability confirmed by popular information sources
* 2006-07-15: Advisory released
* 2006-07-15: Vendor notification
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed