Vulnerabilities > CVE-2006-2630 - Remote Stack Buffer Overflow vulnerability in Symantec Client Security and Norton Antivirus
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
Vulnerable Configurations
Exploit-Db
description | Symantec Remote Management Buffer Overflow. CVE-2006-2630. Remote exploit for windows platform |
id | EDB-ID:16830 |
last seen | 2016-02-02 |
modified | 2010-05-09 |
published | 2010-05-09 |
reporter | metasploit |
source | https://www.exploit-db.com/download/16830/ |
title | Symantec Remote Management Buffer Overflow |
Metasploit
description | This module exploits a stack buffer overflow in Symantec Client Security 3.0.x. This module has only been tested against Symantec Client Security 3.0.2 build 10.0.2.2000. |
id | MSF:EXPLOIT/WINDOWS/ANTIVIRUS/SYMANTEC_RTVSCAN |
last seen | 2020-02-29 |
modified | 2017-07-24 |
published | 2006-09-08 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/antivirus/symantec_rtvscan.rb |
title | Symantec Remote Management Buffer Overflow |
Nessus
NASL family | Windows |
NASL id | SAV_VER_CHECK.NASL |
description | The remote antivirus is vulnerable to a remote stack-based buffer overflow attack. In order to exploit this issue, the attacker needs to send an overly-long COM_FORWARD_LOG message to the management interface of the product, which listens on port 2967. Successful exploitation of this issue will result in complete compromise of the system. This issue was targeted by the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24236 |
published | 2007-01-25 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/24236 |
title | Symantec AntiVirus Management Interface Remote Overflow (SYM06-010) |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/83223/symantec_rtvscan.rb.txt |
id | PACKETSTORM:83223 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | MC |
source | https://packetstormsecurity.com/files/83223/Symantec-Remote-Management-Buffer-Overflow.html |
title | Symantec Remote Management Buffer Overflow |
Saint
bid | 18107 |
description | Symantec real-time scan service buffer overflow |
id | misc_av_symantec_rtss |
osvdb | 25846 |
title | symantec_realtime_scan |
type | remote |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
- http://secunia.com/advisories/20318
- http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
- http://securitytracker.com/id?1016161
- http://securitytracker.com/id?1016162
- http://www.eeye.com/html/research/upcoming/20060524.html
- http://www.kb.cert.org/vuls/id/404910
- http://www.securityfocus.com/archive/1/435200/100/0/threaded
- http://www.securityfocus.com/bid/18107
- http://www.vupen.com/english/advisories/2006/2005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26706