Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-1075
HistoryOct 19, 2005 - 8:00 a.m.

Symantec LiveUpdate for Macintosh Local Privilege Escalation

2005-10-1908:00:00
Symantec Security Response
10
JSON

SUMMARY

Risk Impact
Medium

Remote Access

|

No

—|—

Local Access

|

Yes

Authentication Required

|

Yes

Exploit publicly available

|

No

AFFECTED PRODUCTS

Product

|

Version

|

Build

|

Language

|

Solution

—|—|—|—|—

LiveUpdate for Macintosh

|

3.0.0

|

All

|

All

|

Live Update Patch

3.0.1

|

All

|

All

3.0.2

|

All

|

All

3.0.3

|

5

|

English

3.0.3

|

11

|

All

3.5.0

|

47

|

All

Norton AntiVirus

|

9.0.x

|

All

|

All

Norton AntiVirus

|

10.0.0

|

All

|

All

Norton AntiVirus

|

10.0.1

|

All

|

All

Norton Personal Firewall

|

3.0.x

|

All

|

All

Norton Personal Firewall

|

3.1.0

|

All

|

All

Norton Internet Security

|

3.0.x

|

All

|

All

Norton Utilities

|

8.0.x

|

All

|

All

Norton SystemWorks

|

3.0.x

|

All

|

All

ADDITIONAL PRODUCT INFORMATION

Not Affected Product(s)

Product

|

Version

|

Build

|

Language

—|—|—|—

Symantec AntiVirus for Macintosh

|

10

|

All

|

All

ISSUES

Details
Symantec LiveUpdate for Macintosh is partially implemented in the Java programming language. The interface to the java interpreter takes input from the LiveUpdate component as command line arguments and passes them to the Java interpreter. This interface is configured to run with System Administrative privileges (SUID). A local user can use the LiveUpdate Java interface to execute Java code with System Administrative rights.

The Common Vulnerabilities and Exposures (CVE) initiative has assigned CVE Candidate CVE-2005-2759 to this issue.

This issue is a candidate for inclusion in the CVE list (<http://cve.mitre.org>), which standardizes names for security problems.

MITIGATION

Symantec Response
A patch has been created and made available for all affected version of the product through Symantec LiveUpdate.

To perform a manual update using Symantec LiveUpdate, users should:

  • Open any installed Symantec product
  • Click on LiveUpdate in the toolbar
  • Run LiveUpdate until all available Symantec product updates are downloaded and installed

Symantec is not aware of any active attempts against or customers impacted by this issue.

As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up-to-date. Symantec strongly recommends any affected customers update their product immediately to protect against these types of threats.

ACKNOWLEDGEMENTS

Symantec thanks iDefense, for notification of this issue and coordinating disclosure as it was resolved

Related

securityvulns 2
nvd 1
cvelist 1
cve 1
securityvulns
securityvulns
[Full-disclosure] iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus DiskMountNotify Local Privilege Escalation
2005-10-21 00:00:00
[Full-disclosure] iDEFENSE Security Advisory 10.20.05: Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation
2005-10-21 00:00:00
nvd
nvd
CVE-2005-2759
2005-10-20 23:02:00
cvelist
cvelist
CVE-2005-2759
2005-10-20 04:00:00
cve
cve
CVE-2005-2759
2005-10-20 23:02:00
JSON
Related for SMNTC-1075
securityvulns2nvd1cvelist1cve1