[ news_security_news ]
Holes Found In Symantec Antivirus Scan Engine
John Stith
Staff Writer
2005-10-06
 Insider Reports RSS Feed
Symantec said they've got a problem in their antivirus scan engine. While they've patched the flaw, naughty hackers could still catch unwary users off guard.
The nature of the beast, as in many cases, looks to be part of the problem. The Symantec AntiVirus Scan Engine, a TCP/IP server and programming interface allows third-party developers add their own tweaks to Symantec's scanning for their own applications. The buffer overflow from this process is where the naughty hackers insert their bits of vicious code.
Here's their overview:
The remote exploitation of a buffer overflow vulnerability in the web-based Administrative Interface of the Symantec AntiVirus Scan Engine could potentially allow remote attackers to execute arbitrary code on a targeted system.
iDefense Labs found the flaw and submitted the information to Symantec. Buffer overflow vulnerabilities seem to be one of the most common out there and commonly hit browsers. This particular time, it hit the security company. iDefense posted a bulletin about the vulnerability on Tuesday.
Recent studies suggest security companies like Symantec were ripe to be attacked by hackers. While there was no exploitation of this particular problem, chances are there will be. As it become more financially viable for hackers to attack security companies, they will need to tighten their own defenses and make sure weaknesses like buffer overflows don't exist.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
