CVE-2007-1792

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2007-1792 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The information has been provided by Dyon Balding, Secunia Research.
The original article can be found at: http://secunia.com/secunia_research/2007-48/

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2007-1792

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Symantec Mail Security for SMTP version 5.0 patch 176

Immune Systems:
* Symantec Mail Security for SMTP version 5.0 patch 181
* Symantec Mail Security for SMTP version 5.0.0-36

A crash will cause the Filter Hub service to restart and attempt to reprocess the malicious email causing the mail queue to backup.

The functions that detect the "PE-Shield v0.2" and "ASPack v1.00-1.08.02" both use a value from the executable as an offset into a buffer with insufficient validation.

Solution:
Apply fixes
Symantec Mail Security for SMTP: Update to version 5.0.1 and apply patch 181.

Symantec Mail Security Appliance: Update to version 5.0.0-36 or later.

Time Table:
23/03/2007 - Vulnerability discovered.
10/04/2007 - Vendor notified.
11/04/2007 - Vendor response.
27/06/2007 - Public disclosure.

CVE Information:
CVE-2007-1792

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus