Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#2671 - 05/14/04 02:13 AM Good thing I use a firewall to protect me from hackers!  
Joined: Oct 2002
Posts: 364
Chem Offline
UGN News Staff
Chem  Offline
UGN News Staff

Joined: Oct 2002
Posts: 364
Vagabond (Location Differs)
Quote:
Symantec Multiple Firewall Remote DNS KERNEL Overflow

Release Date:
May 12, 2004

Date Reported:
April 19, 2004

Severity:
High (Remote Kernel Access)

Vendor:
Symantec

Systems Affected:
Symantec Norton Internet Security 2002
Symantec Norton Internet Security 2003
Symantec Norton Internet Security 2004
Symantec Norton Internet Security Professional 2002
Symantec Norton Internet Security Professional 2003
Symantec Norton Internet Security Professional 2004
Symantec Norton Personal Firewall 2002
Symantec Norton Personal Firewall 2003
Symantec Norton Personal Firewall 2004
Symantec Client Firewall 5.01, 5.1.1
Symantec Client Security 1.0, 1.1, 2.0(SCF 7.1)
Symantec Norton AntiSpam 2004

Description:
eEye Digital Security has discovered a critical remote vulnerability
within the Symantec firewall product line. A buffer overflow exists
within a core driver component that handles the processing of DNS
(Domain Name Service) requests and responses. By sending a DNS Resource
Record with an overly long canonical name, a traditional stack-based
buffer overflow is triggered. Successful exploitation of this flaw
yields remote KERNEL access to the system.

With the ability to freely execute code at the Ring 0 privilege level,
there are literally no boundaries for an attacker.

It should also be noted, that due to a separate design flaw in the
firewalls handling of incoming packets, this attack can be successfully
performed with all ports filtered, and all intrusion rules set.
AHHAHAHA Oh shit.

Source


C++ Should Have Been Called "D"
Sponsored Links
#2672 - 05/14/04 04:22 AM Re: Good thing I use a firewall to protect me from hackers!  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
Thank god i knew norton sucked...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2673 - 05/22/04 12:47 PM Re: Good thing I use a firewall to protect me from hackers!  
Joined: Oct 2003
Posts: 209
Red Mage Offline
Member
Red Mage  Offline
Member

Joined: Oct 2003
Posts: 209
here.
Bah.. I don't like Norton, it wastes memory. Try AVG and stuff.. :p


Those who say do not know.
Those who know do not say.

Member Spotlight
Crime
Crime
SC, usa
Posts: 506
Joined: March 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,517
Posts82,687
Average Daily Posts7
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,681
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)