ATTN: Users of NAV, NSW or NIS 2004

[PA Bear]

Symantec UPX Parsing Engine Heap Overflow
http://secunia.com/advisories/14179
http://www.sarc.com/avcenter/security/Content/2005.02.08.html

 

[\x@y\]

Symantec UPX Parsing Engine Heap Overflow
http://secunia.com/advisories/14179
http://www.sarc.com/avcenter/security/Content/2005.02.08.html

Hello PA,

Thanks for the warning,
I just uninstalled all the Norton's, & Symantec's from
my System, and Installed "Panda Platinum".
It updates for virus Signatures automatically everyday,
yesterday found 57 signatures, and today 54.
x@y.

 

[PA Bear]

As of : February 10th 2005 19:38 UTC
http://isc.sans.org/diary.php?date=2005-02-09

* Updated: Serious Symantec Vulnerability, 1-day exploits, and the
missing 13th patch

Serious Symantec Vulnerability

Update: It appears that Symantec has not actually released the patches
as is mentioned on their web site. We have not found any patches for the
Symantec Antivirus Corporate Edition 8 and 9. We are investigating this
futher.
http://www.sarc.com/avcenter/security/Content/2005.02.08.html *

 

[Tom Pepper Willett]

Update:

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005020911112648

Tom
| Symantec UPX Parsing Engine Heap Overflow
| http://secunia.com/advisories/14179
| http://www.sarc.com/avcenter/security/Content/2005.02.08.html
| --
| ~Robear Dyer (PA Bear)
| MS MVP-Windows (Shell, IE/OE) & Security

 

[C A Upsdell]

Symantec UPX Parsing Engine Heap Overflow
http://secunia.com/advisories/14179
http://www.sarc.com/avcenter/security/Content/2005.02.08.html

Symantec fixed this really quickly. The day it was reported I ran
LiveUpdate, which installed the fixes right away.

A tempest in a teacup.

 

[PA Bear]

As the worm turns: Upgrade or die! <eg> Guess that's pretty good for the
bottom line.

 

[Tom Pepper Willett]

Ironically, the bulletin this morning stated that SAV Corp 9.0 was *not*
affected. That statement has been removed since I first posted the link.

Tom
| As the worm turns: Upgrade or die! <eg> Guess that's pretty good for the
| bottom line.
| --
| ~PA Bear
|
| Tom Pepper Willett wrote:
| > Update:
| >
| >
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005020911112648
| >
| > Tom
| > | > > Symantec UPX Parsing Engine Heap Overflow
| > > http://secunia.com/advisories/14179
| > > http://www.sarc.com/avcenter/security/Content/2005.02.08.html
| > > --
| > > ~Robear Dyer (PA Bear)
| > > MS MVP-Windows (Shell, IE/OE) & Security
|

 

[dallas rice]

what did you need help with

 

[Tom Pepper Willett]

What makes you think he needed help with anything?

Tom
| what did you need help with
| | > Symantec UPX Parsing Engine Heap Overflow
| > http://secunia.com/advisories/14179
| > http://www.sarc.com/avcenter/security/Content/2005.02.08.html --
| > ~Robear Dyer (PA Bear)
| > MS MVP-Windows (Shell, IE/OE) & Security
|
|

 

[Bruce Hagen]

He needs a life.

 

[Tom Pepper Willett]

exactly ;-)

~Robear was giving a heads-up.

Tom
| He needs a life.
|
| | > What makes you think he needed help with anything?
| >
| > Tom
| > | > | what did you need help with
| > | | > | > Symantec UPX Parsing Engine Heap Overflow
| > | > http://secunia.com/advisories/14179
| > | > http://www.sarc.com/avcenter/security/Content/2005.02.08.html --
| > | > ~Robear Dyer (PA Bear)
| > | > MS MVP-Windows (Shell, IE/OE) & Security
| > |
| > |
| >
| >
|

 

[PA Bear]

Hey! Now cut that out.
--
~PAÞ

He needs a life.