Thread-topic: [SA27367] Symantec Mail Security for SMTP File Parsing Vulnerabilities
>
> TITLE:
> Symantec Mail Security for SMTP File Parsing Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA27367
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/27367/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> DoS, System access
>
> WHERE:
> From remote
>
> SOFTWARE:
> Symantec Mail Security for SMTP 5.x
> http://secunia.com/product/13591/
> Symantec Mail Security for SMTP 4.x
> http://secunia.com/product/3558/
>
> DESCRIPTION:
> Multiple vulnerabilities have been discovered in Symantec Mail
> Security for SMTP, which can be exploited by malicious people to
> cause a DoS (Denial of Service) and compromise a vulnerable system.
>
> The vulnerabilities are caused due to various errors within certain
> third-party file viewers and can be exploited to cause buffer
> overflows when a specially crafted file is checked.
>
> The vulnerabilities are related to:
> SA27304
>
> Successful exploitation allows execution of arbitrary code, but
> requires that e.g. a policy is setup for scanning the contents of
> messages.
>
> The vulnerabilities are confirmed in Symantec Mail Security for SMTP
> version 5.0.1 without Patch 181 and 182. Prior versions and other
> products may also be affected.
>
> SOLUTION:
> The vulnerabilities have been silently fixed with Patch 181 and 182
> for version 5.0.1.
> ftp://ftp.symantec.com/public/english_us_canada/products/syman
> tec_mail_security/5.0.1_smtp/updates/patch181.zip
> ftp://ftp.symantec.com/public/english_us_canada/products/syman
> tec_mail_security/5.0.1_smtp/updates/patch182.zip
>
> PROVIDED AND/OR DISCOVERED BY:
> Originally reported in IBM Lotus Notes advisories crediting:
> * ZDI
> * Tan Chew-Keong
>
> OTHER REFERENCES:
> SA27304:
> http://secunia.com/advisories/27304/
>