var-200609-0268
Vulnerability from variot
Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor. Symantec AntiVirus Corporate Edition is prone to multiple format-string vulnerabilities because it fails to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted-printing function. Successfully exploiting these vulnerabilities may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges. Attackers may also crash the Real Time Virus Scan service. Symantec AntiVirus is a very popular antivirus solution.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
2) Another format string error exists in the alert notification process when displaying a notification message upon detection of a malicious file.
SOLUTION: Apply patches (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY: 1) David Heiland, Layered Defense. 2) Reported by the vendor
ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
Layered Defense: http://layereddefense.com/SAV13SEPT.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1216-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 20th, 2006 http://www.debian.org/security/faq
Package : flexbackup Vulnerability : insecure temporary file Problem-Type : local Debian-specific: no CVE ID : CVE-2006-4802 Debian Bug : 334350
Eric Romang discovered that the flexbackup backup tool creates temporary files in an insecure manner, which allows denial of service through a symlink attack.
For the stable distribution (sarge) this problem has been fixed in version 1.2.1-2sarge1
For the upcoming stable distribution (etch) this problem has been fixed in version 1.2.1-3.
For the unstable distribution (sid) this problem has been fixed in version 1.2.1-3.
We recommend that you upgrade your flexbackup package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.dsc
Size/MD5 checksum: 587 06539319d0534272e216306562677723
http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.diff.gz
Size/MD5 checksum: 3546 3365f545bd49464f4e58bacc503f8b28
http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1.orig.tar.gz
Size/MD5 checksum: 80158 4955c89dbee354248f354a9bf0a480dd
Architecture independent components:
http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1_all.deb
Size/MD5 checksum: 75836 240f8792a65a0d80b8ef85d4343a4827
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFYhMIXm3vHE4uyloRAjjTAKDCnxcy1cKXf1yBEbVCIyc3JANyMQCgz8JD pz5K4X1ok9uom1/tmGPBFoU= =WJOD -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "1.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.446"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.457"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.471"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.437"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.434"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.464"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.460"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1_build8.1.1.314a"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1.323"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr1_build_8.1.1.314a"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr5_build_8.1.1.336"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1.329"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr4_build_8.1.1.329"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.2"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.2"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.3"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.5"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.1.1000"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.1.1.1000"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.9"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.8"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr3_build_8.1.1.323"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.2"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.4"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1.319"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.4"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.4"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.6"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr2_build_8.1.1.319"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.7"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "1.x to 3.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "corporate edition 8.1 to 10.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2011"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2010"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2002"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2001"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2000"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "client security mr3 b9.0.3.1000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "client security mr2 b9.0.2.1000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.2"
},
{
"model": "client security mr1 b9.0.1.1000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.1"
},
{
"model": "client security stm build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.09.0.0.338"
},
{
"model": "client security (scf",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.07.1)"
},
{
"model": "client security mr5 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.336"
},
{
"model": "client security mr4 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.329"
},
{
"model": "client security mr3 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.323"
},
{
"model": "client security mr2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.319"
},
{
"model": "client security mr1 build 8.1.1.314a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "client security mr6 b8.1.1.266",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "client security stm b8.1.0.825a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1"
},
{
"model": "client security mr8 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.471"
},
{
"model": "client security mr7 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.464"
},
{
"model": "client security mr6 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.460"
},
{
"model": "client security mr5 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.457"
},
{
"model": "client security mr4 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.446"
},
{
"model": "client security mr3 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.434"
},
{
"model": "client security build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.437"
},
{
"model": "client security mr9 b8.01.501",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security mr2 b8.01.429c",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security mr1 b8.01.425a/b",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security b8.01.9378",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.0"
},
{
"model": "client security b8.01.9374",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2011"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2010"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2002"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2001"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2000"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.5"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.4"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.3.1000"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2.1000"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.1.1.1000"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.0.338"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.329"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.323"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.319"
},
{
"model": "antivirus corporate edition build 8.1.1.314a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1.377"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1.366"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.471"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.464"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.460"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.457"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.446"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.437"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.434"
},
{
"model": "antivirus corporate edition .0.825a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "client security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.2.2020"
},
{
"model": "client security build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.51100"
},
{
"model": "client security build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1393"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.2.2020"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.5.1100"
},
{
"model": "antivirus corporate edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1393"
}
],
"sources": [
{
"db": "BID",
"id": "19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:symantec:client_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:norton_antivirus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Deral Heiland http://www.layereddefense.com/",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2006-4802",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-20910",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4802",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2006-4802",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-242",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20910",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2006-4802",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-20910"
},
{
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor. Symantec AntiVirus Corporate Edition is prone to multiple format-string vulnerabilities because it fails to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted-printing function. \nSuccessfully exploiting these vulnerabilities may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges. Attackers may also crash the Real Time Virus Scan service. Symantec AntiVirus is a very popular antivirus solution. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\n2) Another format string error exists in the alert notification\nprocess when displaying a notification message upon detection of a\nmalicious file. \n\nSOLUTION:\nApply patches (see patch matrix in vendor advisory). \n\nPROVIDED AND/OR DISCOVERED BY:\n1) David Heiland, Layered Defense. \n2) Reported by the vendor\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html\n\nLayered Defense:\nhttp://layereddefense.com/SAV13SEPT.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1216-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 20th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : flexbackup\nVulnerability : insecure temporary file\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2006-4802\nDebian Bug : 334350\n\nEric Romang discovered that the flexbackup backup tool creates temporary\nfiles in an insecure manner, which allows denial of service through a\nsymlink attack. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.2.1-2sarge1\n\nFor the upcoming stable distribution (etch) this problem has been\nfixed in version 1.2.1-3. \n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.2.1-3. \n\nWe recommend that you upgrade your flexbackup package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.dsc\n Size/MD5 checksum: 587 06539319d0534272e216306562677723\n http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.diff.gz\n Size/MD5 checksum: 3546 3365f545bd49464f4e58bacc503f8b28\n http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1.orig.tar.gz\n Size/MD5 checksum: 80158 4955c89dbee354248f354a9bf0a480dd\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1_all.deb\n Size/MD5 checksum: 75836 240f8792a65a0d80b8ef85d4343a4827\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFYhMIXm3vHE4uyloRAjjTAKDCnxcy1cKXf1yBEbVCIyc3JANyMQCgz8JD\npz5K4X1ok9uom1/tmGPBFoU=\n=WJOD\n-----END PGP SIGNATURE-----\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4802"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"db": "BID",
"id": "19986"
},
{
"db": "VULHUB",
"id": "VHN-20910"
},
{
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"db": "PACKETSTORM",
"id": "50042"
},
{
"db": "PACKETSTORM",
"id": "52385"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4802",
"trust": 3.0
},
{
"db": "BID",
"id": "19986",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21884",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1016842",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060918 SYMANTEC SECURITY ADVISORY: SYMANTEC ANTIVIRUS CORPORATE EDITION",
"trust": 0.6
},
{
"db": "XF",
"id": "28937",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "52385",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-20910",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2006-4802",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50042",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-20910"
},
{
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"db": "BID",
"id": "19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"db": "PACKETSTORM",
"id": "50042"
},
{
"db": "PACKETSTORM",
"id": "52385"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"id": "VAR-200609-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20910"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:40:00.911000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM06-017",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2006.09.13.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/19986"
},
{
"trust": 1.8,
"url": "http://securitytracker.com/id?1016842"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/21884"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4802"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4802"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/28937"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/446293/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/products/enterprise?c=prodinfo\u0026refid=805"
},
{
"trust": 0.3,
"url": "/archive/1/446041"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3549/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6649/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3478/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2344/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5555/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/659/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://layereddefense.com/sav13sept.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21884/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.dsc"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.diff.gz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4802"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1.orig.tar.gz"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-20910"
},
{
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"db": "BID",
"id": "19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"db": "PACKETSTORM",
"id": "50042"
},
{
"db": "PACKETSTORM",
"id": "52385"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-20910"
},
{
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"db": "BID",
"id": "19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"db": "PACKETSTORM",
"id": "50042"
},
{
"db": "PACKETSTORM",
"id": "52385"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-14T00:00:00",
"db": "VULHUB",
"id": "VHN-20910"
},
{
"date": "2006-09-14T00:00:00",
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"date": "2006-09-13T00:00:00",
"db": "BID",
"id": "19986"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"date": "2006-09-14T22:28:53",
"db": "PACKETSTORM",
"id": "50042"
},
{
"date": "2006-11-21T07:18:54",
"db": "PACKETSTORM",
"id": "52385"
},
{
"date": "2006-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"date": "2006-09-14T22:07:00",
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-20910"
},
{
"date": "2018-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2006-4802"
},
{
"date": "2016-07-05T21:38:00",
"db": "BID",
"id": "19986"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003176"
},
{
"date": "2006-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-242"
},
{
"date": "2024-11-21T00:16:47.523000",
"db": "NVD",
"id": "CVE-2006-4802"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "19986"
},
{
"db": "PACKETSTORM",
"id": "50042"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec AntiVirus Corporate Edition Such as Real Time Virus Scan Format string vulnerability in service",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003176"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "format string",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-242"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.