Symantec.Discovery.XFERWAN.Buffer.Overflow
Description
This indicates an attack attempt to exploit multiple buffer-overflow vulnerabilities in 'XFERWAN.EXE' in Symantec products, which is caused by improperly handling long strings in TCP packets in the 'CentennialIPTransferServer' service.
Affected Products
Symantec Discovery 6.5
Numara Numara Asset Manager 8.0
Centennial UK Ltd Discovery 2006 Feature Pack 1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
We are not aware of any update or patch for this vulnerability from Symantec Discovery and Numara Asset Manager products as of this writing.
For Centennial Discovery, apply the patch available from the Centennial Discovery Web site:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |