---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Norman Antivirus Products Multiple File Parsing Vulnerabilities SECUNIA ADVISORY ID: SA26178 VERIFY ADVISORY: http://secunia.com/advisories/26178/ CRITICAL: Highly critical IMPACT: Security Bypass, DoS, System access WHERE: >From remote SOFTWARE: Norman Virus Control 5.x (Windows) http://secunia.com/product/1108/ Norman Virus Control 5.x for Domino http://secunia.com/product/1161/ Norman Virus Control 5.x for Exchange 2000 http://secunia.com/product/1159/ Norman Virus Control 5.x for Exchange 5.5 http://secunia.com/product/1160/ Norman Virus Control 5.x for Firewall-1 http://secunia.com/product/1165/ Norman Virus Control 5.x for IIS http://secunia.com/product/1162/ Norman Virus Control 5.x for Linux http://secunia.com/product/1164/ Norman Virus Control 5.x for MimeSweeper http://secunia.com/product/1163/ DESCRIPTION: Sergio Alvarez has reported some vulnerabilities in Norman Antivirus products, which can be exploited by malware to bypass certain scanning functionality and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. 1) A boundary error when processing ACE archives can be exploited to cause a buffer overflow when e.g. scanning a specially crafted ACE archive. 2) Three boundary errors when processing LZH archives can be exploited to cause a buffer overflow when e.g. scanning a specially crafted LZH archive. Successful exploitation of the vulnerabilities allow execution of arbitrary code. 3) A divide-by-zero error when processing DOC files can be exploited to to e.g. crash the application via a specially crafted DOC file. 4) An error within the processing of DOC files can be exploited to e.g. cause malware in a specially crafted DOC file to pass the scanning functionality undetected. The vulnerabilities are reported in version 5.90 of the scanner engine. Other versions may also be affected. SOLUTION: Vulnerabilities #3 and #4 have reportedly been fixed in version 5.91.02 of the scanner engine. PROVIDED AND/OR DISCOVERED BY: Sergio Alvarez, n.runs AG ORIGINAL ADVISORY: http://www.nruns.com/security_advisory_Norman_all_ace_buffer_overflow.php http://www.nruns.com/security_advisory_norman_antivirus_lzh_buffer_overflow.php http://www.nruns.com/security_advisory_norton_antivirus_doc_divide_by_zero_dos.php http://www.nruns.com/security_advisory_norman_antivirus_doc_depection_bypass.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------