The Symantec AntiVirus Scan Engine administrative interface contains a remotely exploitable buffer overflow that may allow an attacker to execute arbitrary code.
The Symantec AntiVirus Scan Engine provides a programming interface to Symantec content scanning and virus detection services. The Symantec AntiVirus Scan Engine includes an administrative interface that is enabled and listening on port 8004/tcp by default. The administrative interface contains a buffer overflow vulnerability that can be triggered by sending a specially crafted HTTP request to port 8004/tcp.
For more detailed information and for a list of vulnerable software, see Symantec Security Response SYM05-017.
A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the Symantec AntiVirus Scan Engine.
Apply a security update
This vulnerability was reported by iDEFENSE.
This document was written by Jeff Gennari.
Date First Published: 2005-10-07
Date Last Updated: 2005-10-10 12:28 UTC