North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Symantec AV may execute viruses

  • From: Dragos Ruiu
  • Date: Thu Feb 10 15:08:38 2005

On February 10, 2005 10:29 am, Paul G wrote:
> ----- Original Message -----
> From: "Jeff Wheeler" <[email protected]>
> To: "Colin Johnston" <[email protected]>
> Cc: <[email protected]>
> Sent: Thursday, February 10, 2005 1:18 PM
> Subject: Re: Symantec AV may execute viruses
> > Also, it doesn't appear that this issue effects the Mac software (at
> > least, I didn't see the Mac products in the Symantec vulnerability
> > list), only Windows products.
> if this is a heap overflow and if osx uses a bsd-derived libc (with phy
> malloc implementation), the vulnerability would not be exploitable. this
> seems like a probable explanation.

Neil Mehta & Alex Wheeler from ISS who identified this and a number
of other AV issues will be doing a presentation on it entitled, "Owning
Antii-Virus"  at CanSecWest.


World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada	May 4-6 2005
pgpkey kyxpgp