Sysdream / Sécurité Informatique :: Symantec corporate antivirus: escalation privilege vulnerability

Symantec corporate antivirus: escalation privilege vulnerability

//----- Advisory

Program              : Symantec Corporate Antivirus - 10.1
Homepage             : http://www.symantec.com/        
Discovery            : 2006/07/11
Author Contacted     : 2006/07/18
Found by             : ali at sysdream dot com
This Advisory        : ali at sysdream dot com

//----- Application description

Symantec AntiVirus Corporate Edition 10.1 combines industry-leading, real-time malware protection for enterprise workstations and network servers with graphical Web-based reporting and centralized management and administration capabilities. The solution automatically detects and repairs the effects of spyware, adware, viruses, and other malicious intrusions to enable enterprise-wide system uptime.

//----- Description of vulnerabilities

This product is vulnerable to an escalation of privileges vulnerability. Details have not been released yet. We wait for Symantec to publish a patch.

CVE: CVE2006-3455

//----- Impact

This vulnerability allows an intruder to get the SYSTEM privileges on a Windows System, from a limited user account.

//----- Solution

Symantec has not provided any solutions at that time.

//----- Credits

http://www.sysdream.com

ali at sysdream dot com

Liens Relatifs

-->

Produits & Services

Nos Formations

Ethical Hacking

Administration Sécurisée

Certifications Sécurité

Certification Management

Cisco

Développement Sécurisé

Ouvrages Sécurité Informatique

Nos Partenaires

Symantec corporate antivirus: escalation privilege vulnerability

Liens Relatifs

Nos Références

Publication Sécurité Informatique

Staffing

Advisories Sécurité Informatique

Presse Sécurité Informatique

News