Sign-up

ID

VAR-200505-0455


CVE

CVE-2005-0923


TITLE

Symantec Norton AntiVirus AutoProtect Module SmartScan Local Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 12924 // CNNVD: CNNVD-200505-237

DESCRIPTION

The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share. Symantec Norton AntiVirus may hang or crash when the Auto-Protect module scans certain files. It is reported that the issue manifests when an unspecified type of file is scanned by AutoProtect, the scan results in the device driver module failing leading to a subsequent kernel crash. The Symantec Norton AntiVirus AutoProtect SmartScan functionality is reported prone to a local denial of service vulnerability. A local attacker may exploit this vulnerability to deny service for legitimate users. PROVIDED AND/OR DISCOVERED BY: Isamu Noguchi ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.78

sources: NVD: CVE-2005-0923 // CERT/CC: VU#146020 // CERT/CC: VU#713620 // JVNDB: JVNDB-2005-000761 // BID: 12923 // BID: 12924 // VULHUB: VHN-12132 // PACKETSTORM: 36864

AFFECTED PRODUCTS

vendor:symantecmodel:norton internet securityscope:eqversion:2005

Trust: 3.0

vendor:symantecmodel:norton antivirusscope:eqversion:2005

Trust: 3.0

vendor:symantecmodel: - scope: - version: -

Trust: 1.6

vendor:symantecmodel:norton system worksscope:eqversion:2005_premier

Trust: 1.6

vendor:symantecmodel:norton internet securityscope:eqversion:2004

Trust: 1.6

vendor:symantecmodel:norton antivirusscope:eqversion:2.1

Trust: 1.6

vendor:symantecmodel:norton system worksscope:eqversion:2004_professional

Trust: 1.6

vendor:symantecmodel:norton systemworksscope:eqversion:2005 (premier)

Trust: 0.8

vendor:symantecmodel:norton system works premierscope:eqversion:2005

Trust: 0.6

vendor:symantecmodel:norton systemworks professional editionscope:eqversion:2004

Trust: 0.3

vendor:symantecmodel:norton internet security professional editionscope:eqversion:2004

Trust: 0.3

vendor:symantecmodel:norton antivirusscope:eqversion:2004

Trust: 0.3

sources: CERT/CC: VU#146020 // CERT/CC: VU#713620 // BID: 12923 // BID: 12924 // JVNDB: JVNDB-2005-000761 // CNNVD: CNNVD-200505-237 // NVD: CVE-2005-0923

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-0923
value: LOW

Trust: 1.0

CARNEGIE MELLON: VU#146020
value: 4.50

Trust: 0.8

CARNEGIE MELLON: VU#713620
value: 4.05

Trust: 0.8

IPA: JVNDB-2005-000761
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200505-237
value: LOW

Trust: 0.6

VULHUB: VHN-12132
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2005-0923
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2005-000761
severity: MEDIUM
baseScore: 4.0
vectorString: AV:L/AC:H/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-12132
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#146020 // CERT/CC: VU#713620 // VULHUB: VHN-12132 // JVNDB: JVNDB-2005-000761 // CNNVD: CNNVD-200505-237 // NVD: CVE-2005-0923

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0923

THREAT TYPE

network

Trust: 0.6

sources: BID: 12923 // BID: 12924

TYPE

Unknown

Trust: 0.6

sources: BID: 12923 // BID: 12924

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2005-000761

PATCH
title:SYM05-006url:http://www.symantec.com/avcenter/security/Content/2005.03.28.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2005-000761

EXTERNAL IDS
db:SECUNIAid:14741
Trust: 4.2
db:BIDid:12924
Trust: 3.6
db:SECTRACKid:1013587
Trust: 3.3
db:SECTRACKid:1013586
Trust: 3.3
db:CERT/CCid:VU#713620
Trust: 2.5
db:SECTRACKid:1013585
Trust: 2.5
db:NVDid:CVE-2005-0923
Trust: 2.5
db:BIDid:12923
Trust: 1.1
db:CERT/CCid:VU#146020
Trust: 0.8
db:JVNDBid:JVNDB-2005-000761
Trust: 0.8
db:CNNVDid:CNNVD-200505-237
Trust: 0.7
db:VULHUBid:VHN-12132
Trust: 0.1
db:PACKETSTORMid:36864
Trust: 0.1
sources:
            
            
            CERT/CC: VU#146020 // 
            
            
            
            CERT/CC: VU#713620 // 
            
            
            
            VULHUB: VHN-12132 // 
            
            
            
            BID: 12923 // 
            
            
            
            BID: 12924 // 
            
            
            
            JVNDB: JVNDB-2005-000761 // 
            
            
            
            PACKETSTORM: 36864 // 
            
            
            
            CNNVD: CNNVD-200505-237 // 
            
            
            
            NVD: CVE-2005-0923

REFERENCES
url:http://securityresponse.symantec.com/avcenter/security/content/2005.03.28.html
Trust: 3.4
url:http://www.securityfocus.com/bid/12924
Trust: 3.3
url:http://securitytracker.com/id?1013585
Trust: 2.5
url:http://securitytracker.com/id?1013586
Trust: 2.5
url:http://securitytracker.com/id?1013587
Trust: 2.5
url:http://secunia.com/advisories/14741
Trust: 2.5
url:http://secunia.com/advisories/14741/
Trust: 1.7
url:http://www.kb.cert.org/vuls/id/713620
Trust: 1.7
url:http://www.securityfocus.com/bid/12923
Trust: 0.8
url:http://www.securitytracker.com/alerts/2005/mar/1013587
Trust: 0.8
url:http://www.securitytracker.com/alerts/2005/mar/1013586
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0923
Trust: 0.8
url:http://jvn.jp/en/jp/jvn23d7e89f/index.html
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0923
Trust: 0.8
url:http://www.symantec.com/avcenter/security/content/2005.03.28.html
Trust: 0.6
url:http://secunia.com/product/4009/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/4848/
Trust: 0.1
url:http://secunia.com/product/2800/
Trust: 0.1
url:http://secunia.com/product/2796/
Trust: 0.1
url:http://secunia.com/secunia_vacancies/
Trust: 0.1
url:http://secunia.com/product/2442/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/product/4847/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#146020 // 
            
            
            
            CERT/CC: VU#713620 // 
            
            
            
            VULHUB: VHN-12132 // 
            
            
            
            BID: 12923 // 
            
            
            
            BID: 12924 // 
            
            
            
            JVNDB: JVNDB-2005-000761 // 
            
            
            
            PACKETSTORM: 36864 // 
            
            
            
            CNNVD: CNNVD-200505-237 // 
            
            
            
            NVD: CVE-2005-0923

CREDITS
Discovery of this vulnerability is credited to IPA.
Trust: 0.9
sources:
            
            
            BID: 12924 // 
            
            
            
            CNNVD: CNNVD-200505-237

SOURCES
db:CERT/CCid:VU#146020
db:CERT/CCid:VU#713620
db:VULHUBid:VHN-12132
db:BIDid:12923
db:BIDid:12924
db:JVNDBid:JVNDB-2005-000761
db:PACKETSTORMid:36864
db:CNNVDid:CNNVD-200505-237
db:NVDid:CVE-2005-0923

LAST UPDATE DATE
2024-08-14T13:51:07.066000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#146020date:2005-03-30T00:00:00
db:CERT/CCid:VU#713620date:2005-03-30T00:00:00
db:VULHUBid:VHN-12132date:2008-09-05T00:00:00
db:BIDid:12923date:2005-03-28T00:00:00
db:BIDid:12924date:2005-03-28T00:00:00
db:JVNDBid:JVNDB-2005-000761date:2008-05-21T00:00:00
db:CNNVDid:CNNVD-200505-237date:2006-09-28T00:00:00
db:NVDid:CVE-2005-0923date:2008-09-05T20:47:42.097

SOURCES RELEASE DATE
db:CERT/CCid:VU#146020date:2005-03-30T00:00:00
db:CERT/CCid:VU#713620date:2005-03-30T00:00:00
db:VULHUBid:VHN-12132date:2005-05-02T00:00:00
db:BIDid:12923date:2005-03-28T00:00:00
db:BIDid:12924date:2005-03-28T00:00:00
db:JVNDBid:JVNDB-2005-000761date:2008-05-21T00:00:00
db:PACKETSTORMid:36864date:2005-03-30T08:17:27
db:CNNVDid:CNNVD-200505-237date:2005-05-02T00:00:00
db:NVDid:CVE-2005-0923date:2005-05-02T04:00:00