ID CVE-2005-2758
Summary Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
References
Vulnerable Configurations
  • Symantec AntiVirus Scan Engine 4.0
    cpe:2.3:a:symantec:antivirus_scan_engine:4.0
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.0:-:bluecoat
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.0:-:clearswift
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.0:-:netapp_filer
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.0:-:netapp_netcache
  • Symantec AntiVirus Scan Engine 4.3
    cpe:2.3:a:symantec:antivirus_scan_engine:4.3
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.3:-:caching
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.3:-:clearswift
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.3:-:microsoft_sharepoint
  • cpe:2.3:a:symantec:antivirus_scan_engine_for_network_attached_storage:4.3
CVSS
Base: 10.0 (as of 06-10-2005 - 20:10)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: COMPLETE
  Integrity: COMPLETE
  Availability: COMPLETE
nessus via4
NASL family Windows
NASL id SYMANTEC_SCAN_ENGINE_SYM05_017.NASL
description The remote host has a version of Symantec AntiVirus Scan Engine installed that is affected by a buffer overflow vulnerability in the web-based administrative interface. By sending a specially crafted request, a remote attacker may be able to execute arbitrary code.
last seen 2019-02-21
modified 2018-08-01
plugin id 67229
published 2013-07-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=67229
title Symantec AntiVirus Scan Engine Web Service Administrative Interface Buffer Overflow
refmap via4
bid 15001
cert-vn VU#849209
confirm http://www.symantec.com/avcenter/security/Content/2005.10.04.html
idefense 20051004 Symantec AntiVirus Scan Engine Web Service Buffer Overflow Vulnerability
osvdb 19854
sectrack 1015001
secunia 17049
sreason 48
vupen ADV-2005-1954
xf symantec-scanengine-admin-bo(22519)
Last major update 07-03-2011 - 21:24
Published 05-10-2005 - 15:02
Last modified 10-07-2017 - 21:32