Cert Security Bulletin

RARlabs

WinRAR 3.40 and prior
A vulnerability exists which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the 'Repair Archive' feature.

Update to version 3.41: http://www.rarlabs.com/download.htm

We are not aware of any exploits for this vulnerability.
RARlabs WinRAR 'Repair Archive' Feature Compromise Medium NGS Research, November 2, 2004


Kerio Technologies Inc.

Kerio Personal Firewall 4.1.2 and prior
A vulnerability exists that could permit a remote malicious user to cause Denial of Service conditions. There is a packet processing flaw that can trigger 100% CPU utilization on the target system.

The vendor has issued a fixed version (4.1.2), available at: http://www.kerio.com/kpf_download.html

A Proof of Concept exploit has been published.
Kerio Personal Firewall Remote Denial of Service Low SecurityTracker Alert ID, 1012116, November 8, 2004


Symantec

Norton Anti-Virus 2004, 2005
A vulnerability was reported in Norton Anti-Virus in the script blocking feature. A remote user can create specially crafted scripting code to bypass the security mechanisms and take malicious actions on the target user's system.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.
Symantec Norton Anti-Virus Script Blocking Bypass Medium SecurityTracker Alert ID, 1012079, November 4, 2004


Symantec

Symantec LiveUpdate 1.80.19.0, 2.5.56.0
A vulnerability exists which may allow a malicious user to cause Denial of Service conditions in certain cases. Tithe LiveUpdate decompression routine does not check for uncompressed file sizes before attempting to decompress a downloaded LiveUpdate zip file and does not properly validate directory names before creating the directories on the target system.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.
Symantec LiveUpdate Zip Decompression Routine Denial of Service Low SecurityTracker Alert ID, 1012095, November 5, 2004


Trend Micro

ScanMail
A vulnerability exists that could allow a remote malicious user to obtain potentially sensitive information or disable the anti-virus protection. A remote user may be able to access the 'smency.nsf' file to disable the anti-virus protection. The remote user may also be able to access other potentially sensitive files, including smconf.nsf, smhelp.nsf, and smadmr5.nsf.

No workaround or patch available at time of publishing.

We are not aware of any exploits for this vulnerability.
Trend Micro ScanMail Sensitive File Disclosure

CVE Name:
CAN-2004-1003
Medium SecurityTracker Alert ID, 1012082, November 4, 2004