APP: Norton Anti-Virus Enterprise Web OverFlow
This signature detects attempts to exploit a known vulnerability in Norton Antivirus Enterprise (NAV). A successful attack can cause a stack overflow causing a denial-of-service condition or arbitrary code execution.
Extended Description
A buffer overflow vulnerability exists in the Web-based administrative interface of the Symantec Antivirus Scan Engine. This issue is due to improper bound checking of user-supplied data prior to copying it into an insufficiently sized memory buffer. This vulnerability allows attackers to execute arbitrary machine code in the context of the affected application. This allows remote attackers to gain privileged remote access to computers running the affected application.
Affected Products
Symantec antivirus_scan_engine_for_isa
Short Name
APP:NAV-ENT-WEB-OF-2
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Anti-Virus CVE-2005-2758 Enterprise Norton OverFlow Web bid:15001
Release Date
11/28/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
Port
TCP/8004
False Positive
Unknown
Vendors
Symantec
CVSS Score
10.0