Symantec - australia / new zealand
 global sites
products
purchase
service and support
security updates
downloads
about symantec
search
feedback


© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Updated Privacy Policy
press centre

Symantec Manhunt's Protocol Anomaly Detects Sendmail Vulnerability

Customers Are Protected Against This Specific Exploit

SYDNEY --NSW - March 10, 2003 -- Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today announced that Symantec ManHunt's protocol anomaly detection technology detected the Sendmail Header Processing vulnerability, a remotely exploitable vulnerability in Sendmail, one of the most common e-mail servers. Symantec ManHunt customers have been protected against this specific exploit since its discovery without having to update the product.

"Symantec ManHunt's detection ability is one of its key strengths. In addition to classic signature capabilities, ManHunt also provides protocol anomaly detection, which looks for deviations from normal protocol behaviour and detects novel attacks," said Frank Huerta, vice president, IDS product delivery at Symantec. "In this case, Symantec ManHunt's protocol anomaly detection detected the Sendmail exploit as a violation of the mail protocol. Our customers were alerted to the attack without having to update the product to protect against this specific vulnerability."

The remotely exploitable vulnerability was discovered in multiple versions of Sendmail. Remote attackers may gain root access (complete control) on affected SMTP servers. As SMTP servers are responsible for delivering and receiving e-mail, sensitive information may also be disclosed or tampered with by attackers. Sendmail is a widely used message transfer agent (MTA) for UNIX and Microsoft Windows systems.

Symantec ManHunt is an advanced network-based intrusion detection system that provides multiple detection methodologies to detect both known and unknown, or "zero day" attacks. ManHunt's core detection capability uses protocol anomaly detection, signature detection with custom signature support, traffic state profiling and statistical flow analysis to identify intrusions and denial of service attacks. ManHunt detects intrusions at speeds of up to two gigabits per second, dependent upon system configuration.

Symantec ManHunt is a key element of Symantec Enterprise Security, which provides any size organisation with the technology, global response and services necessary to manage its information security. Symantec's comprehensive solution offers best-of-breed products to protect gateways, servers and clients with firewall security, virtual private networking (VPN), intrusion detection, vulnerability management and virus protection. Customers benefit from Symantec's global network of researchers that provide customers with around-the-clock, immediate response to any new security-related attacks. Symantec Enterprise Security customers are also supported by one of the largest professional security organisations in the world, offering security consulting, security education and managed security services. For more information, please visit Symantec's enterprise Web site at http://www.symantec.com.au/region/au_nz/enterprise/.

About Symantec
Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises and service providers around the world. Symantec's Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more information, please visit www.symantec.com.au

NOTE TO EDITORS: Symantec and the Symantec logo are trademarks or registered trademarks, in the United States and certain other countries, of Symantec Corporation. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.