Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability
BID:12924
Info
Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability
| Bugtraq ID: | 12924 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 28 2005 12:00AM |
| Updated: | Mar 28 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to IPA. |
| Vulnerable: |
Symantec Norton System Works 2005 Premier Symantec Norton Internet Security 2005 Symantec Norton AntiVirus 2005 |
| Not Vulnerable: | |
Discussion
Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability
The Symantec Norton AntiVirus AutoProtect SmartScan functionality is reported prone to a local denial of service vulnerability. It is reported that under certain circumstances, when SmartScan is enabled, renaming of a file that is stored on a network share will result in a system crash.
A local attacker may exploit this vulnerability to deny service for legitimate users.
The Symantec Norton AntiVirus AutoProtect SmartScan functionality is reported prone to a local denial of service vulnerability. It is reported that under certain circumstances, when SmartScan is enabled, renaming of a file that is stored on a network share will result in a system crash.
A local attacker may exploit this vulnerability to deny service for legitimate users.
Exploit / POC
Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability
Solution:
Symantec has released a product update to address this issue and another denial of service issue. This update may be downloaded and installed manually using Symantec LiveUpdate as follows:
1. Open any installed Symantec product.
2. Click on LiveUpdate in the toolbar.
3. Run LiveUpdate until all available Symantec product updates are downloaded and installed.
Solution:
Symantec has released a product update to address this issue and another denial of service issue. This update may be downloaded and installed manually using Symantec LiveUpdate as follows:
1. Open any installed Symantec product.
2. Click on LiveUpdate in the toolbar.
3. Run LiveUpdate until all available Symantec product updates are downloaded and installed.
References
Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability
References:
References: