var-200605-0399
Vulnerability from variot
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. Symantec products are vulnerable to a stack-based buffer overflow. Symantec AntiVirus Corporate Edition 10.1 and Symantec Client Security 3.1 are currently known to be vulnerable to this issue. All supported platforms are affected including Microsoft Windows and Novell Netware. Symantec AntiVirus is a very popular antivirus solution. The remote management protocol used by the affected products for communication is a proprietary message-based protocol with two levels of encapsulation. The outer layer consists of message headers, which may be message type 10, which means requesting Rtvscan.exe, or type 20 or 30, which means forwarding SSL negotiation. If SSL is created for a TCP connection, subsequent communication is encrypted, although there is still plaintext in the private format. The data of the type 10 message contains its own header and message body, both of which are processed by Rtvscan.exe. There is a command field in this header, which specifies the operation to be performed and the format of the message body data. COM_FORWARD_LOG (0x24) The command handler does not use strncat correctly, allowing to overwrite the 0x180 byte stack buffer with arbitrary data. If the first string in the COM_FORWARD_LOG request contains a backslash, one of two strncat calls is performed: * If the string contains commas but no double quotes: strncat(dest, src, 0x17A - strlen(src )); * Otherwise: strncat(dest, src, 0x17C - strlen(src)); If the length of the source string exceeds 0x17A or 0x17C characters respectively, the arithmetic will underflow, resulting in a large memory copy size. This might allow appending this source string to the buffer, overwriting the stack with 64KB of data (null characters excluded). Rtvscan.exe is compiled with the Visual Studio /GS security option and includes stack canary checks. But an attacker can bypass this security measure by overriding and controlling the exception handler registration.
SOLUTION: Apply patches (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY: eEye Digital Security
ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
eEye Digital Security: http://www.eeye.com/html/research/upcoming/20060524.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200605-0399",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.394"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.400"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.0.2.2020"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.0.2.2010"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.0.2.2020"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.0.2.2021"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.0.2.2010"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.1.400"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.446"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2010"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.401"
},
{
"model": "client security mr7 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.464"
},
{
"model": "client security mr4 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.446"
},
{
"model": "antivirus corporate edition 1.425a/b",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01.9378"
},
{
"model": "client security b8.01.9374",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.394"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.434"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.396"
},
{
"model": "client security mr5 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.457"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1.377"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1.366"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2001"
},
{
"model": "antivirus corporate edition build 8.1.1.314a",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "client security mr6 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.460"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.400"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "client security mr3 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.434"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.3.1000"
},
{
"model": "client security b8.01.9378",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.0"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.323"
},
{
"model": "client security mr3 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.323"
},
{
"model": "client security mr2 b9.0.2.1000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.2"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1.401"
},
{
"model": "client security mr1 b8.01.425a/b",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2.1000"
},
{
"model": "client security (scf",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.07.1)"
},
{
"model": "client security stm build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.09.0.0.338"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01.501"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2000"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2000"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2002"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.460"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.329"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2011"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2020"
},
{
"model": "client security mr4 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.329"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2021"
},
{
"model": "client security mr2 b8.01.429c",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "antivirus corporate edition .0.825a",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "client security mr3 b9.0.3.1000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.319"
},
{
"model": "client security mr5 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.336"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "client security mr9 b8.01.501",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2002"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01.9374"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.396"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.437"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.1"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.457"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.0.338"
},
{
"model": "client security mr2 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.319"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "client security mr1 build 8.1.1.314a",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.464"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2001"
},
{
"model": "client security mr8 build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.471"
},
{
"model": "client security mr1 b9.0.1.1000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.1"
},
{
"model": "client security build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.437"
},
{
"model": "antivirus corporate edition 1.429c",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.1.1.1000"
},
{
"model": "client security mr6 b8.1.1.266",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2011"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.4"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2021"
},
{
"model": "client security stm b8.1.0.825a",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.471"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#404910"
},
{
"db": "BID",
"id": "18107"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eEye info@eEye.com Derek Soeder dsoeder@eeye.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2630",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2630",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-18738",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2630",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#404910",
"trust": 0.8,
"value": "24.30"
},
{
"author": "CNNVD",
"id": "CNNVD-200605-498",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-18738",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#404910"
},
{
"db": "VULHUB",
"id": "VHN-18738"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. Symantec products are vulnerable to a stack-based buffer overflow. \nSymantec AntiVirus Corporate Edition 10.1 and Symantec Client Security 3.1 are currently known to be vulnerable to this issue. All supported platforms are affected including Microsoft Windows and Novell Netware. Symantec AntiVirus is a very popular antivirus solution. The remote management protocol used by the affected products for communication is a proprietary message-based protocol with two levels of encapsulation. The outer layer consists of message headers, which may be message type 10, which means requesting Rtvscan.exe, or type 20 or 30, which means forwarding SSL negotiation. If SSL is created for a TCP connection, subsequent communication is encrypted, although there is still plaintext in the private format. The data of the type 10 message contains its own header and message body, both of which are processed by Rtvscan.exe. There is a command field in this header, which specifies the operation to be performed and the format of the message body data. COM_FORWARD_LOG (0x24) The command handler does not use strncat correctly, allowing to overwrite the 0x180 byte stack buffer with arbitrary data. If the first string in the COM_FORWARD_LOG request contains a backslash, one of two strncat calls is performed: * If the string contains commas but no double quotes: strncat(dest, src, 0x17A - strlen(src )); * Otherwise: strncat(dest, src, 0x17C - strlen(src)); If the length of the source string exceeds 0x17A or 0x17C characters respectively, the arithmetic will underflow, resulting in a large memory copy size. This might allow appending this source string to the buffer, overwriting the stack with 64KB of data (null characters excluded). Rtvscan.exe is compiled with the Visual Studio /GS security option and includes stack canary checks. But an attacker can bypass this security measure by overriding and controlling the exception handler registration. \n\nSOLUTION:\nApply patches (see patch matrix in vendor advisory). \n\nPROVIDED AND/OR DISCOVERED BY:\neEye Digital Security\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html\n\neEye Digital Security:\nhttp://www.eeye.com/html/research/upcoming/20060524.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2630"
},
{
"db": "CERT/CC",
"id": "VU#404910"
},
{
"db": "BID",
"id": "18107"
},
{
"db": "VULHUB",
"id": "VHN-18738"
},
{
"db": "PACKETSTORM",
"id": "46794"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-18738",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18738"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "18107",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1016162",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#404910",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2006-2630",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "20318",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016161",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-2005",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200605-498",
"trust": 0.7
},
{
"db": "XF",
"id": "26706",
"trust": 0.6
},
{
"db": "EEYE",
"id": "EEYEB-20060524",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060527 SYMANTEC ANTIVIRUS SOFTWARE EXPOSES COMPUTERS",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20060526 NEW SYMANTEC VULN",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "83223",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16830",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88855",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71332",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-18738",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46794",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#404910"
},
{
"db": "VULHUB",
"id": "VHN-18738"
},
{
"db": "BID",
"id": "18107"
},
{
"db": "PACKETSTORM",
"id": "46794"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"id": "VAR-200605-0399",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-18738"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:40:03.187000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.eeye.com/html/research/upcoming/20060524.html"
},
{
"trust": 2.1,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2006.05.25.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/18107"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/404910"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-may/046355.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016161"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20318"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2005"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/advisories/ad20060612.html"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/avcenter/security/content/2006.05.25.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/18107/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2006/may/1016162.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2005"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/435200/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/26706"
},
{
"trust": 0.3,
"url": "https://www.immunityinc.com/downloads/immpartners/symantec_rm.tar"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/products/enterprise?c=prodinfo\u0026refid=805"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/symantecadvisories.html"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-112810-5302-99\u0026tabid=1"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-122314-5625-99\u0026tabid=2"
},
{
"trust": 0.3,
"url": "/archive/1/436860"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6649/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20318/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5555/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#404910"
},
{
"db": "VULHUB",
"id": "VHN-18738"
},
{
"db": "BID",
"id": "18107"
},
{
"db": "PACKETSTORM",
"id": "46794"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#404910"
},
{
"db": "VULHUB",
"id": "VHN-18738"
},
{
"db": "BID",
"id": "18107"
},
{
"db": "PACKETSTORM",
"id": "46794"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-30T00:00:00",
"db": "CERT/CC",
"id": "VU#404910"
},
{
"date": "2006-05-27T00:00:00",
"db": "VULHUB",
"id": "VHN-18738"
},
{
"date": "2006-05-24T00:00:00",
"db": "BID",
"id": "18107"
},
{
"date": "2006-05-29T22:46:46",
"db": "PACKETSTORM",
"id": "46794"
},
{
"date": "2006-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"date": "2006-05-27T21:02:00",
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-06-13T00:00:00",
"db": "CERT/CC",
"id": "VU#404910"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-18738"
},
{
"date": "2007-11-01T16:26:00",
"db": "BID",
"id": "18107"
},
{
"date": "2007-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200605-498"
},
{
"date": "2024-11-21T00:11:42.110000",
"db": "NVD",
"id": "CVE-2006-2630"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec products vulnerable to buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#404910"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200605-498"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.