[guru] Fwd: [david@matousec.com: Norton Insufficient protection of Norton service registry keys]
DATE: Mon, 17 Jul 2006 17:45:13 +0200
A ZoneAlarmhoz hasonlóan Norton alkalmazások sem ellenőrzik eléggé a
Windows API függvényhívások (RegSaveKey, RegRestoreKey, RegDeleteKey)
szabványosságát. Egy alkalmas kombinációja az említett függvényhívásoknak a
registry kulcson rendszerösszeomláshoz vezet.
----- Forwarded message from David Matousek <david@matousec.com> -----
Date: Sat, 15 Jul 2006 10:29:44 +0200
From: David Matousek <david@matousec.com>
To: bugtraq@securityfocus.com
Subject: Norton Insufficient protection of Norton service registry keys
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0
Hello,
I would like to inform you about a vulnerability in the driver of Norton Personal Firewall component
found by Matousec - Transparent security. Detailed information is available here
http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php
--
David Matousek
Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/
----- End forwarded message -----