Intrusion Prevention

Symantec.VERITAS.Administrator.Service.Heap.Overflow

Description

This indicates an attempt to exploit a heap overflow vulnerability in Symantec VERITAS Storage Foundation.
The vulnerability is caused by a boundary error in vxvea3.dll that occurs when handling a malformed UDP packet sent to UDP port 3207 (the Administrator Service). It allows remote attackers to cause memory corruption or execute arbitrary code via a specially crafted UDP packet.

Affected Products

Veritas Storage Foundation 5.0

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for a suggested workaround.
http://www.symantec.com/avcenter/security/Content/2008.02.20a.html

CVE References

CVE-2008-0638