Παρασκευή, Μαΐου 14, 2004

Symantec Firewalls Vulnerable to Intrusion, DOS

Symantec has confirmed a flaw in its firewall software products for Windows that could enable remote access or denial of service by attackers.

The company has released updates to fix the security holes, discovered by eEye Digital Security. Secunia termed the flow extremely critical because of the large installed base for the affected Norton Internet Security and Norton Personal Firewall products and the potential for the flaw to be exploited by an auto-propagating worm.

Despite the ease of repair (Symantec users can simply run the products' LiveUpdate auto-update feature), vendors expressed concern about the similarity to the mid-March revelation of a vulnerability in ISS' Black Ice products, which was exploited barely a day later by the Witty worm. That incident raised alarms about "zero day exploits" - attacks published the same day a security hole becomes public, leaving no time for network administrators to repair vulnerable systems.


Netcraft - Symantec Firewalls Vulnerable to Intrusion, DOS

Δεν υπάρχουν σχόλια: