ATLAS Attack Report: Global symantec antivirus realtime virusscan overflow attempt

Attack Report

Global symantec antivirus realtime virusscan overflow attempt

View:
Activity
Sources

Output:
Print
XML
CSV

Activity (past 24 hours)

By Service

Service	Attacks per subnet	Percentage
TCP/2967	8.78	100.0%
Other	0.00	0.0%

Sources (past 24 hours)

By Country

Country	Attacks per subnet	Percentage
CN (China)	7.01	79.8%
KR (South Korea)	1.35	15.4%
AR (Argentina)	0.32	3.7%
US (United States)	0.04	0.5%
HR (Croatia)	0.02	0.2%
NL (Netherlands)	0.01	0.2%
IT (Italy)	0.01	0.1%
MY (Malaysia)	0.01	0.1%
PL (Poland)	0.00	0.0%
VE (Venezuela)	0.00	0.0%
Other	0.00	0.0%

By ASN

ASN	Attacks per subnet	Percentage
AS4134 (CHINANET-BACKBONE)	6.49	73.9%
AS4766 (KIXS-AS-KR)	1.35	15.4%
AS7303 (Telecom)	0.32	3.7%
AS4837 (CHINA169-BACKBONE)	0.28	3.2%
AS24401 (CNNIC-TELNET-AP)	0.17	1.9%
AS17964 (DXTNET)	0.06	0.7%
AS7011 (FRONTIER-AND-CITIZENS)	0.03	0.3%
AS4808 (CHINA169-BJ)	0.02	0.2%
AS2108 (CARNET-AS)	0.02	0.2%
AS30776 (CASEMAISP-AS)	0.01	0.2%
Other	0.04	0.4%

By Host

Host	Attacks per subnet	Percentage
218.23.53.228	2.32	26.5%
58.215.93.7	2.16	24.6%
121.135.196.99	1.35	15.4%
61.147.115.37	1.29	14.7%
190.136.177.42 (host42.190-136-177.telecom.net.ar)	0.32	3.7%
222.186.13.50	0.30	3.4%
121.14.142.60	0.20	2.3%
220.249.96.168	0.19	2.2%
202.173.11.34	0.17	1.9%
202.109.175.52	0.11	1.2%
Other	0.36	4.1%

Background

Description

symantec antivirus realtime virusscan overflow attempt

Vulnerabilities

CVE-2006-2630

Age: 823 days

Severity: High

CVSS Score: 10.0

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.