Intrusion Prevention

Symantec.Discovery.XFERWAN.Buffer.Overflow

Description

This indicates an attack attempt to exploit multiple buffer-overflow vulnerabilities in 'XFERWAN.EXE' in Symantec products, which is caused by improperly handling long strings in TCP packets in the 'CentennialIPTransferServer' service.

Affected Products

Symantec Discovery 6.5
Numara Numara Asset Manager 8.0
Centennial UK Ltd Discovery 2006 Feature Pack 1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

We are not aware of any update or patch for this vulnerability from Symantec Discovery and Numara Asset Manager products as of this writing.
For Centennial Discovery, apply the patch available from the Centennial Discovery Web site:
http://support.centennial.co.uk/index.html

CVE References

CVE-2007-1173