Forwarded from: security curmudgeon <jericho@private> : http://www.eweek.com/article2/0,4149,1390273,00.asp : : November 19, 2003 : By Dennis Fisher : : LAS VEGAS - If software vendors and security companies don't get their : act together and start producing better products, users will begin : dropping off the Internet out of sheer frustration, predicted John : Thompson, chairman and CEO of Symantec Corp., in his keynote speech at : Comdex here Wednesday. : : Thompson challenged vendors to begin turning out more secure software : solutions and to take the initiative in trying to protect customers from : attackers and themselves. If that doesn't come to pass, then Internet : users—especially less savvy consumers—will reduce the amount of time : they spend on the Internet and only use it when they absolutely need to. Symantec PCAnywhere Chat Client Privilege Escalation Vulnerability http://www.securityfocus.com/bid/9052 Symantec PCAnywhere Privilege Escalation Vulnerability http://www.securityfocus.com/bid/9045 Symantec Norton Internet Security Error Message Cross-Site Scripting http://www.securityfocus.com/bid/8904 Symantec AntiVirus For Handhelds Scanning Bypass Vulnerability http://www.securityfocus.com/bid/8639 Symantec Norton AntiVirus Device Driver Memory Overwrite Vulnerability http://www.securityfocus.com/bid/8329 Symantec Quarantine Server Disconnect Denial Of Service Vulnerability http://www.securityfocus.com/bid/8306 Symantec NAVCE Failure To Scan Floppy Disks Vulnerability http://www.securityfocus.com/bid/8077 Symantec Security Check RuFSI ActiveX Control Buffer Overflow Vulnerability http://www.securityfocus.com/bid/8008 Symantec Enterprise Firewall HTTP Pattern Matching Evasion Weakness http://www.securityfocus.com/bid/7196 Symantec Norton Internet Security ICMP Packet Flood Denial Of Service http://www.securityfocus.com/bid/6598 Symantec Enterprise Firewall RealAudio Proxy Buffer Overflow Vulnerability http://www.securityfocus.com/bid/6389 Symantec Java! JustInTime Compiler Command Execution Vulnerability http://www.securityfocus.com/bid/6222 Symantec NAVCE Privilege Escalation Vulnerability http://www.securityfocus.com/bid/5966 Multiple Symantec HTTP Proxy Denial of Service Vulnerability http://www.securityfocus.com/bid/5958 Multiple Symantec HTTP Proxy Information Disclosure Vulnerability http://www.securityfocus.com/bid/5959 Symantec VelociRaptor Denial of Service Vulnerability http://www.securityfocus.com/bid/5909 Multiple Symantec Product Weak TCP Initial Sequence Number Vulnerability http://www.securityfocus.com/bid/5387 Symantec Norton Personal Firewall/Internet Security 2001 Buffer Overflow Vulnerability http://www.securityfocus.com/bid/5237 Symantec Norton Personal Firewall 2002 Portscan Protection Bypass Vulnerability http://www.securityfocus.com/bid/4521 Symantec Raptor / Enterprise Firewall FTP Bounce Vulnerability http://www.securityfocus.com/bid/4522 Symantec Norton Personal Firewall 2002 Fragmented Packet Vulnerability http://www.securityfocus.com/bid/4545 Symantec Norton AntiVirus NULL Characters Incoming Email Protection Bypass Vulnerability http://www.securityfocus.com/bid/4242 Symantec Norton AntiVirus Non-RFC Compliant Email Protection Bypass Vulnerability http://www.securityfocus.com/bid/4243 Symantec Norton AntiVirus Excluded Filetype Email Protection Bypass Vulnerability http://www.securityfocus.com/bid/4245 Symantec Norton AntiVirus Conflicting MIME Header Vulnerability http://www.securityfocus.com/bid/4246 Symantec Ghost Corporate Edition 7.0 Plain Text Credentials Vulnerability http://www.securityfocus.com/bid/4181 Symantec Norton Antivirus LiveUpdate Plaintext Credentials Vulnerability http://www.securityfocus.com/bid/4170 Symantec Enterprise Firewall Notify Daemon SNMP Data Loss Vulnerability http://www.securityfocus.com/bid/4139 Symantec Enterprise Firewall SMTP Proxy Information Leak Vulnerability http://www.securityfocus.com/bid/4141 Symantec Norton Antivirus LiveUpdate Host Verification Vulnerability http://www.securityfocus.com/bid/3403 Symantec Norton Antivirus LiveUpdate DoS Vulnerability http://www.securityfocus.com/bid/3413 Symantec Ghost Configuration Server DoS Attack http://www.securityfocus.com/bid/2570 Symantec pcAnywhere Port Scan DoS Vulnerability http://www.securityfocus.com/bid/1150 Symantec pcAnywhere Weak Encryption Vulnerability http://www.securityfocus.com/bid/1093 Symantec Mail-Gear Directory Traversal Vulnerability http://www.securityfocus.com/bid/827 Hrm? : "There is no cost [to send spam]; therefore, people send all kinds of : junk. Service providers can fix this by changing the economics of the : situation," he said. "Don't rely on legislative initiatives. A simple : technology solution solves this problem. You know what's coming through : your network. If someone is sending 100,000 e-mails, block them. I don't : understand why you need to appeal to the government." Great theory, but I wonder. If the solution is SO easy, and requires e-mail senders to pay for each outgoing email, why hasn't Symantec developed the solution? If it is that easy, then Symantec could easily jump into a billion+ dollar cash cow. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Nov 21 2003 - 02:01:14 PST