RETIRED:Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
BID:22961
Info
RETIRED:Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
| Bugtraq ID: | 22961 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 14 2007 12:00AM |
| Updated: | Jul 03 2007 10:17PM |
| Credit: | Discovery is credited to David Matousek. |
| Vulnerable: |
Symantec Norton Personal Firewall 2006 9.1.1 .7 |
| Not Vulnerable: | |
Discussion
RETIRED:Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
Norton Personal Firewall 2006 is prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver.
A local authenticated attacker may exploit this issue to crash affected computers, denying service to legitimate users.
This issue is reportedly a regression from the vulnerability described in BID 20051 (Symantec Multiple Products SymEvent Driver Local Denial of Service Vulnerability). Symantec is currently investigating this issue; this BID will be updated as more information becomes available.
NOTE: This BID is being retired because it is already covered in BID 20051.
Norton Personal Firewall 2006 is prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver.
A local authenticated attacker may exploit this issue to crash affected computers, denying service to legitimate users.
This issue is reportedly a regression from the vulnerability described in BID 20051 (Symantec Multiple Products SymEvent Driver Local Denial of Service Vulnerability). Symantec is currently investigating this issue; this BID will be updated as more information becomes available.
NOTE: This BID is being retired because it is already covered in BID 20051.
Exploit / POC
RETIRED:Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
Since this issue is reportedly a regression of the original vulnerability, the previous exploit may possibly be used to exploit this issue, but this has not been confirmed.
Since this issue is reportedly a regression of the original vulnerability, the previous exploit may possibly be used to exploit this issue, but this has not been confirmed.
Solution / Fix
RETIRED:Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
RETIRED:Symantec Norton Personal Firewall 2006 SymEvent Driver Local Denial of Service Vulnerability
References:
References:
- Norton Personal Firewall Homepage (Symantec)
- Symantec Norton Insufficient validation of 'SymEvent' driver inp (David Matousek
- SymEvent Driver Local Access System Denial of Service (Matousec - Transparent security Research