Security roundup: Symantec fixes flaw in multiple products

In other vulnerability news, a critical flaw is found in Adobe Photoshop and Cisco fixes flaws affecting a number of its products.

Antivirus giant Symantec has updated several of its products to fix a flaw malicious local users could exploit to cause a denial of service or run sinister code with system-level privileges.

Symantec said in an advisory that two vulnerabilities have been identified in Norton Ghost, Norton Save & Recovery, LiveState Recovery and BackupExec System Recovery.

Scheduled backups of local disks saved to remote network shares save login credentials for the remote share into the application directory with read access set for everyone, the vendor said. Meanwhile, a buffer overflow exists that can allow malicious local users to cause a denial of service or run code with system-level privileges.

"Symantec has released updates for all affected product versions … These updates are available through LiveUpdate," the company said. "To date, Symantec is not aware of any reported attempts to exploit this vulnerability."

'Critical' Adobe Photoshop flaw discovered
Attackers could exploit a critical flaw in Adobe Photoshop to cause a denial of service or run malicious code, the French Security Incident Response Team (FrSIRT) said in an advisory.

Buffer overflow errors are triggered in the program when it handles a malformed .bmp, .dib or .rle file, FrSIRT said. Attackers could exploit this to take complete control of an affected system by tricking a user into opening a specially crafted file using a vulnerable application. The flaw specifically affects Adobe Photoshop CS3 and CS2

FrSIRT said it is not aware of any official supplied patch for the problem. Danish vulnerability clearinghouse Secunia said users should refrain from opening untrusted Bitmap files as a precaution.

Cisco flaws affect multiple products
Networking giant Cisco Systems has addressed flaws an attacker could exploit to run malicious code, bypass security restrictions and gain unauthorized network access.

The first problem is a buffer overflow error in various Cisco products. Buffer overflows in the PHP HTML entity encoder surface when malformed data is passed to the "htmlentities()" and "htmlspecialchars()" functions, which could be exploited by authenticated attackers to compromise an affected system, the vendor said. This affects Cisco Network Analysis Modules (NAM) for Catalyst 6000, 6500 and 7600 Series, Cisco Unified Application Environment versions 2.0; Cisco Hosting Solution Engine version 1.0; and Cisco Hosting Solution Software version 1.0.

The second problem is a flaw in Cisco Network Services (CNS) NetFlow Collection Engine (NFC) attackers could exploit to bypass security checks and gain unauthorized access to a vulnerable system. "This issue is caused by an error in the Linux installer that creates a default Web and operating system user account with a password of 'nfcuser,' which could be exploited by attackers to gain full administrative control of the NetFlow Collection Engine and user-level access to the host operating system," Cisco said.

This affects Cisco Network Services (CNS) NetFlow Collection Engine (NFC) versions prior to 6.0.0

The advisories outline updates and workarounds Cisco has developed to address the flaws.

Read more on IT risk management