Symantec software open to denial of service attacks

 

Gallery

By Barry Collins

Posted on 29 Feb 2008 at 09:48

Symantec has admitted that certain versions of its security software are susceptible to denial of service attacks.

Products such as Symantec AntiVirus for Network Attached Storage and Mail Security for Microsoft Exchange contain an error with the Decomposer engine (the software that uncompresses files), which could result in malicious code causing systems to crash.

"The first issue is triggered when it receives malicious content," reads an advisory on Symantec's website. "If sufficiently malformed, this could possibly cause large amounts of memory to be consumed which could result in a Denial of Service.

"The second issue is a buffer overflow that can cause the decomposer to crash causing a Denial of Service condition and the potential for remote code execution."

The company says it has solved the problem and advises IT managers to update their software to the latest version to ensure they are not affected. Customers running the LiveUpdate service will have already received the patch.

"Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue," the advisory claims.