Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Flaws Found in Symantec Scan Engine

By Ed Oswald, BetaNews

April 25, 2006, 4:30 PM

Symantec earlier this week warned of vulnerabilities within its Scan Engine, a programming interface that allows third parties to incorporate scanning technologies into their applications. The security software maker has rated the vulnerabilities as a "medium risk."

According to the advisory, the first problem lies within an issue in authenticating Web-based logins. "Anyone with knowledge of the underlying communication mechanism can control the Scan Engine server," the notice reads.

Another flaw opens the program up to a "man-in-the-middle attack." According to Symantec, the DSA key used for SSL communications is easily extracted.

Remote users could also download any file in the installation directory of the program through a third flaw. Using regular or specially crafted HTTP requests, the information could be easily accessed.

The company stressed that these vulnerabilities only affect the Scan Engine and none of its desktop applications.

Customers are urged to upgrade to Symantec Scan Engine 5.1 in order to protect themselves from the flaw. At this time, there are no known available exploits. However, proof-of-concept code has already been published, security researchers warn.

Add a Comment (13 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By improvelence

posted Apr 27, 2006 - 12:51 PM

Symantec has sucked since I can remember, it's useless.

Score: 0

By athome

edited Apr 26, 2006 - 12:55 PM

I have found that Symantec has been going down hill since win98. From not removing viruses, to just becoming corrupted and having to reinstall. I am not sure of the reasons, but it makes it hard to stay behind them.
McAfee is another product I dislike, but have installed it on customer's PC when they ask. It was also a sure bet that I would be returning for problems on their PCs. I have heard that the recent scanning techniques used by McAfee are pretty good and are leading the way, but still would never use their products.

Symantec for Servers, I have heard different stories. Anyone have a suggestion towards a great antivirus for Windows SB Server 2003? I am interested in buying one within 30 days.

Score: 0

By Galway

posted Apr 27, 2006 - 7:05 AM

Sophos

Score: 0

By morriscox

posted Apr 26, 2006 - 4:24 PM

Look into Avast!. www.avast.com

Score: 0

By athome

posted Apr 26, 2006 - 9:07 PM

For server? I have used it for the Personal PC and found that it does have issues with updating regularly. In spite of all the settings, it still has errors. I would require something a bit more reliable.

Score: 0

By Kamika007z

posted Apr 26, 2006 - 10:13 AM

So for the business world, what av do you all recommend?

Score: 0

By mjm01010101

posted Apr 26, 2006 - 2:01 PM

I like Trend Micro's products.

Score: 0

By excelon2005

posted Apr 25, 2006 - 5:31 PM

Yeah... I tell my friends that Symantec Antivirus is like a paper shield against a bullet (which kind I choose depends on my mood).

Score: 0

By Budgie29

posted Apr 25, 2006 - 5:23 PM

i am a computer engineer with my own persional business

and one thing I refuce to do is install ANY Macfee or norton products .also any machine I build the warranty is void if any of the above is installed or used

time and time again
the computer has crashed out and what av is the client running.say no more

the've just installed the new version of mccappie and it killed windows

mind you i'm not complaining i've made £££££££
out of it

Score: 0

By improvelence

posted Apr 27, 2006 - 12:54 PM

I have installed Mcafee for a lot of people (par their request) and have never had a problem. I use avast because I am on x64, but if I wasnt my ISP provides Mcafee for free so I would be using that. If I was going to pay for one it would be trend micro...i have heard panda is good but I dont know.

Score: 0

By horsecharles

posted Apr 25, 2006 - 11:14 PM

Exactly. Their producs starting showing issues on win98, that to this day have not been corrected, though documented. Heck, their own products conflict with eath other.
Symantec, please continue on your merry way: never fixing past mistakes while simultaneously acquiring good software apps and thrashing them as well.
Can't understand how Google chose to bundle one those products...

Score: 0

By bourgeoisdude

posted Apr 25, 2006 - 4:47 PM

oops...not enough problems already, let's add some more, eh?

Score: 0

By mjm01010101

posted Apr 25, 2006 - 4:45 PM

This is such a gaping novice move, that anybody still trusting symantec for serious security needs must indeed need to have their heads checked out.
""It's totally a fake authentication scheme," said Chad Loder, Rapid7's engineering director. "This vulnerability, as far as we can tell, has been built into the application from day one. We were just the first people to come and look into the protocol.""

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue