Symantec Brightmail AntiSpam: Nested Zip File, Denial of Service

AntiSpam

1070

06 March 2020

21 September 2005

CLOSED

LOW

SUMMARY

Risk Impact: Low
Remote Access: Yes (incoming mail)
Local Access: No
Authentication Required: No
Exploit publicly available: NA

AFFECTED PRODUCTS

Product | Version | Build | Solution
Symantec Brightmail AntiSpam | 6.0 | 1 | Update
Symantec Brightmail AntiSpam | 6.0 | 2 | Update
Symantec Mail Security 8200 Series Appliance | All | All | Automatic Update available (build 4.1.0-58)


Note: Customers with product versions prior to 6.0.1 are encouraged to upgrade to the latest product version.

ADDITIONAL PRODUCT INFORMATION

Non-Affected Products

Product | Version | Build | Solution
Symantec Brightmail AntiSpam | Win32 | All | All
Symantec Brightmail AntiSpam | Win32 | All | All

ISSUES

Details
A potential Denial of Service issue has been identified and fixed in the Symantec Brightmail AntiSpam product. When processing zip files containing a large number of nested zip files, the product appears to hang while scanning for malicious content.
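
The failure mode described above is unbounded work while unpacking nested archives. The following is an added example, not Symantec's code and not a description of how the product update works: a recursive zip scanner that caps nesting depth, total archives opened and member size, and holds the attachment when a cap is hit. All function names and limit values are assumptions chosen for illustration.

```python
import io
import zipfile

MAX_LAYERS = 3                       # assumed policy: zip-in-zip layers allowed
MAX_ARCHIVES = 50                    # assumed policy: archives opened per attachment
MAX_MEMBER_BYTES = 10 * 1024 * 1024  # assumed policy: largest member unpacked

class ScanLimitExceeded(Exception):
    """The attachment needs more work than the scanner is willing to do."""

def scan_zip(data, inspect, depth=0, budget=None):
    """Call inspect(name, content) on each non-zip member; return archives opened."""
    budget = {"archives": 0} if budget is None else budget
    if depth >= MAX_LAYERS:
        raise ScanLimitExceeded("more than %d nested layers" % MAX_LAYERS)
    budget["archives"] += 1          # shared across the whole recursion
    if budget["archives"] > MAX_ARCHIVES:
        raise ScanLimitExceeded("more than %d archives" % MAX_ARCHIVES)
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.file_size > MAX_MEMBER_BYTES:
                raise ScanLimitExceeded("%s is too large" % info.filename)
            content = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(content)):
                scan_zip(content, inspect, depth + 1, budget)
            else:
                inspect(info.filename, content)
    return budget["archives"]

def verdict(data):
    """Fail closed: over-budget or unreadable archives are held, not scanned forever."""
    try:
        scan_zip(data, lambda name, content: None)  # content checks would go here
    except (ScanLimitExceeded, zipfile.BadZipFile, RuntimeError):
        # RuntimeError covers encrypted members and unsupported compression
        return "quarantine"
    return "scanned"

def nested_sample(layers):
    """Constructed test input: one text file wrapped in `layers` zip layers."""
    data, name = b"constructed sample text", "note.txt"
    for i in range(layers):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(name, data)
        data, name = buf.getvalue(), "layer%d.zip" % i
    return data
```

The archive budget is shared across the recursion, so an attachment that is wide (many sibling zips) is bounded the same way as one that is deep.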

MITIGATION

Symantec Response
An update for Symantec Brightmail AntiSpam Versions 6.0.1 and 6.0.2 has been released and can be downloaded from the following location:

ftp://ftp.symantec.com/public/english_us_canada/products/sba/sba_60x/updates/patch157.zip

An update for the Symantec Mail Security 8200 Series Appliance is available through its software update feature.

Symantec is not aware of any active attempts against or customers impacted by this issue.

As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up-to-date. Symantec strongly recommends any affected customers update their product immediately to protect against these types of threats.