发布时间 :2001-10-05 00:00:00
修订时间 :2008-09-05 16:25:45

[原文]Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the site.

[CNNVD]Symantec Norton Antivirus LiveUpdate拒绝服务漏洞(CNNVD-200110-022)

        Symantec LiveUpdate 1.4到1.6版本,以及可能还包括之后的版本存在漏洞。远程攻击者可以借助网站的DNS欺骗导致服务拒绝(flood)。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:symantec:liveupdate:1.6Symantec LiveUpdate 1.6
cpe:/a:symantec:liveupdate:1.5Symantec LiveUpdate 1.5
cpe:/a:symantec:liveupdate:1.4Symantec LiveUpdate 1.4

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(VENDOR_ADVISORY)  BUGTRAQ  20011005 Symantec LiveUpdate attacks
(VENDOR_ADVISORY)  XF  liveupdate-host-verification(7235)

- 漏洞信息

Symantec Norton Antivirus LiveUpdate拒绝服务漏洞
中危 其他
2001-10-05 00:00:00 2005-10-20 00:00:00
        Symantec LiveUpdate 1.4到1.6版本,以及可能还包括之后的版本存在漏洞。远程攻击者可以借助网站的DNS欺骗导致服务拒绝(flood)。

- 公告与补丁

        Symantec has acknowledged this vulnerability, and is currently working on a solution.

- 漏洞信息

Symantec LiveUpdate DNS Spoofing Arbitrary File Write
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

Symantec LiveUpdate contains a flaw that may allow a remote denial of service. It is possible that a remote attacker could use LiveUpdate (via DNS spoofing) to redirect a download from a site other than the server. This may allow a remote attacker to install malicious software on the victim machine.

- 时间线

2001-10-03 2001-09-22
Unknow Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Symantec Norton Antivirus LiveUpdate DoS Vulnerability
Failure to Handle Exceptional Conditions 3413
Yes No
2001-10-05 12:00:00 2009-07-11 09:06:00
Discovered by FX <>, DasIch <> and kim0 <> and published in a Symantec Security Response on Oct 5, 2001.

- 受影响的程序版本

Symantec LiveUpdate 1.6
+ Symantec Norton AntiVirus 2001 0
+ Symantec Norton AntiVirus 2002 0
+ Symantec Norton AntiVirus Corporate Edition 7.51
+ Symantec Norton AntiVirus Corporate Edition 7.5

- 漏洞讨论

Symantec's Norton Antivirus contains a feature called LiveUpdate. LiveUpdate is a process that checks for new virus definitions over the internet, downloads and installs them from a Symantec site. This process can either be scheduled or performed manually.

It is possible for a remote user to cause LiveUpdate to redirect a download from a site of his/her choice. Therefore, a remote host could send an unusually large file as the update, potentially causing a denial of services on the target system.

- 漏洞利用

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: &lt;;.

- 解决方案

Symantec has acknowledged this vulnerability, and is currently working on a solution.

- 相关参考