Vulnerability Note VU#849209
Symantec AntiVirus Scan Engine administrative interface contains a buffer overflow vulnerability
The Symantec AntiVirus Scan Engine administrative interface contains a remotely exploitable buffer overflow that may allow an attacker to execute arbitrary code.
The Symantec AntiVirus Scan Engine provides a programming interface to Symantec content scanning and virus detection services. The Symantec AntiVirus Scan Engine includes an administrative interface that is enabled and listening on port 8004/tcp by default. The administrative interface contains a buffer overflow vulnerability that can be triggered by sending a specially crafted HTTP request to port 8004/tcp.
For more detailed information and for a list of vulnerable software, see Symantec Security Response SYM05-017.
A remote, unauthenticated attacker may be able to execute arbitrary code with privileges of the Symantec AntiVirus Scan Engine.
Apply a security update
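To find hosts where the administrative interface described above is reachable from the network, the following added example (not part of the original note or of any Symantec tooling) parses `netstat -an` style output and reports listeners on 8004/tcp that are not bound to loopback only. The sample lines are constructed, and the function names are illustrative assumptions.

```python
ADMIN_PORT = 8004  # default administrative interface port named in the advisory

# Constructed sample in the style of `netstat -an` output (Windows and Linux).
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:8004           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1344         0.0.0.0:0              LISTENING
  TCP    10.0.0.5:8004          10.0.0.77:51515        ESTABLISHED
tcp        0      0 127.0.0.1:8004          0.0.0.0:*               LISTEN
tcp6       0      0 :::8004                 :::*                    LISTEN
tcp        0      0 0.0.0.0:80040           0.0.0.0:*               LISTEN
"""

def split_endpoint(endpoint):
    """Split 'addr:port', including IPv6 forms such as ':::8004' and '[::]:8004'."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]") or "*", port

def is_loopback(addr):
    return addr == "::1" or addr.startswith("127.")

def exposed_admin_listeners(netstat_text, port=ADMIN_PORT):
    """Return local addresses listening on `port` that are not loopback-only."""
    exposed = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue
        # Only listening sockets matter; established connections are skipped.
        if fields[-1].upper() not in ("LISTEN", "LISTENING"):
            continue
        # The local endpoint is the first address-like field after the protocol.
        local = next((f for f in fields[1:] if ":" in f), None)
        if local is None:
            continue
        addr, local_port = split_endpoint(local)
        # Compare the port as a whole string so 80040 does not match 8004.
        if local_port == str(port) and not is_loopback(addr):
            exposed.append(addr)
    return exposed

if __name__ == "__main__":
    for addr in exposed_admin_listeners(SAMPLE_NETSTAT):
        print(f"admin interface port {ADMIN_PORT}/tcp listening on {addr}")
```

A listener reported on `0.0.0.0` or `::` accepts connections on every interface, so those hosts are the first to update.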
Systems Affected

| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Symantec, Inc. | Affected | 07 Oct 2005 | 07 Oct 2005 |
This vulnerability was reported by iDEFENSE.
This document was written by Jeff Gennari.
- CVE IDs: CAN-2005-2758
- Date Public: 05 Oct 2005
- Date First Published: 07 Oct 2005
- Date Last Updated: 10 Oct 2005
- Severity Metric: 26.77
- Document Revision: 45