I recently met a colleague for lunch who works for an anti-virus vendor.  During our conversation he highlighted some embarrassing mistakes his own company recently made with regard to faulty updates to their products.  I pointed out that Symantec recently crippled millions of PCs in China with a faulty signature update.  While this amused my colleague, it made me think about what other issues have appeared in the software we depend on to secure our systems and vital data.

To this end I researched the US National Vulnerability Database for vulnerabilities found in security software from the beginning of the year until the 1st of June.

I have to admit what I found was depressing: over 144 vulnerabilities are known to have occurred in the software we use to protect our systems.  Don’t forget that there may also be additional vulnerabilities out there that are not yet public and are either known to the vendors as part of their own QA or known to the bad guys, who would rather keep the information to themselves so they can better attack their targets.  My findings are below.

Most of the major vendors, whether commercial or open source, have been affected.  Of the 144 vulnerabilities, 35 were in various anti-virus software products, with over 30 vulnerabilities being discovered in firewall technology.  So I guess the main messages to conclude with are:

  1. Ensure your security infrastructure is not reliant solely on software.  Remember People, Process and Technology are the three pillars to a secure environment.
  2. Regularly review your security software to ensure it is up to date.
  3. Develop a patch management process that should be specific to your security software.  Remember this is the software you depend on to protect your information, networks and systems so you may need to treat it differently from the accounting package deployed within your company.
  4. When selecting a product do not be afraid to question the vendor on how they manage vulnerabilities, patches and updates for their products.
  5. During the above questioning session, ask the vendor how they alert you, their customer, to issues with their software.
  6. Deploy your security systems in a layered approach to provide defence in depth.  This ensures that if one layer of your security fails, the other layers continue to protect you.

Finally, for those of you who are interested, please find below a list of all the vulnerabilities identified within the US National Vulnerability Database so far this year.  I have listed the products alphabetically.  If you spot one of the products you use on this list, then I recommend you check and make sure it is up to date with the latest version; after all, you would not drive your car knowing the brakes may be faulty!
    

3com — TippingPoint IPS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2276
3Com — TippingPoint IPS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2734
3proxy — 3proxy
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6981
3proxy — 3proxy
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6982
Acunetix — Web Vulnerability Scanner
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0120
Agnitum — Outpost Firewall PRO
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0333
Agnitum — Outpost Firewall PRO
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7160
ALWIL — Avast! Antivirus Server Edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0829
Apache — SpamAssassin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0451
Avast — Avast Antivirus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1672
AVIRA — Antivir
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1671
Barracuda Networks — Barracuda Spam Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1669
BEA Systems — AquaLogic Enterprise Security
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0434
CA — eTrust Intrusion Detection
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1005
Check Point Software — Connectra NGX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0471
Check Point Software — Firewall-1
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6967
Check Point Software — ZoneAlarm
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2174
Check Point Software — ZoneAlarm
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2730
CipherTrust — IronMail
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1723
Cisco — Clean Access
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0058
Cisco — Clean Access
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6844
Cisco — Intrusion Prevention System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2688
Cisco — PIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2462
Cisco — PIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2461
Cisco — PIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2463
Cisco — PIX
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2464
Cisco — Secure Access Control Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0105
Cisco — Secure Services Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1067
Cisco — Secure Services Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1064
Cisco — Secure Services Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1065
Cisco — Secure Services Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1066
Cisco — Secure Services Client
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1068
Cisco — Security Device Manager & Various other products
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1467
Cisco — Trust Agent
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1800
Clam Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2650
Clam Anti-Virus — ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0898
Clam Anti-Virus — ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0897
Clam Anti-Virus — ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1997
Clam Anti-Virus — ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1745
Clam Anti-Virus — ClamAV
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2029
Comodo — Comodo Firewall Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0708
Comodo — Comodo Firewall Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0709
Comodo — Comodo Firewall Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1051
Comodo — Comodo Firewall Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1330
Comodo — Comodo Personal Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2729
Comodo — Comodo Personal Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2730
Computer Associates — Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2523
Computer Associates — BrightStor ARCserve Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0168
Computer Associates — BrightStor ARCserve Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0169
Computer Associates — BrightStor ARCServe Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0816
Computer Associates — BrightStor ARCServe Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1447
Computer Associates — BrightStor ARCServe Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1785
Computer Associates — BrightStor ARCserve Backup
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2772
Computer Associates — Desktop Protection Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0449
Computer Associates — eTrust Admin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1345
Computer Associates — eTrust EZ Antivirus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2522
Computer Associates — eTrust EZ Antivirus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2522
Computer Associates — Host Intrusion Prevention System
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6952
Computer Associates — Protection Suites
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5171
Computer Associates — Protection Suites
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5172
Computer Associates — Server Protection Suite
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2139
Credant — Credant Mobile Guardian Shield – Windows
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2883
eIQnetworks — Enterprise Security Analyzer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2059
EMC — RSA Security SiteKey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7201
EMC — RSA Security SiteKey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7199
EMC — RSA Security SiteKey
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7200
F5 — Firepass
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0187
F5 — Firepass
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0188
F5 — Firepass
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0195
F5 — FirePass SSL VPN
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0186
F5 — FirePass SSL VPN
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0186
FreeRADIUS — FreeRADIUS
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2028
F-secure — F-Secure Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2965
F-secure — F-Secure Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2966
F-secure — F-Secure Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2967
F-Secure — F-Secure Anti-Virus Client Security
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1557
F-Secure — Policy Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2964
InGate — Firewall and SIParator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0334
Internet Security Systems — BlackICE PC Protection
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7129
IPsec-Tools — IPsec-Tools
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1841
Kaspersky Lab — Kaspersky Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0445
Kaspersky Lab — Kaspersky Anti-Virus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1112
Kaspersky Lab — Kaspersky Antivirus Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0125
Kaspersky Lab — Kaspersky Antivirus Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1281
ManageEngine — Firewall Analyzer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1642
ManageEngine — PasswordManager Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2429
McAfee — ePolicy Orchestrator
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1498
McAfee — Virex
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1226
McAfee — Virex
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1227
McAfee — VirusScan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2584
McAfee — VirusScan Enterprise
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1538
McAfee — VirusScan Enterprise
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2152
Microsoft Malware Protection Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5270
MicroWorld Technologies — eScan
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0655
Multiple IBM ISS Proventia Series products
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2690
Norman — Norman Sandbox Analyzer
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1194
Nortel — VPN Router
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2332
Novell — Access Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1309
Novell — BorderManager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7155
Novell — Novell Access Manager Identity Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0110
Novell — Novell SecureLogin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2475
Novell — Novell SecureLogin
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2476
RSA — BSAFE Cert-C
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3894
SecureKit — SecureKit Steganography
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0163
Snort — Snort
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5276
Snort — Snort
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1398
Snort Project — Snort
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0251
Snort Project — Snort
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6931
Squid — Squid
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0247
Squid — Squid
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0248
Squid — Squid
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1560
SSH Communications Security — SSH Tectia Server
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2063
Sunbelt — Sunbelt Kerio Personal Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0081
Symantec — BackupExec System Recovery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2359
Symantec — BackupExec System Recovery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2360
Symantec — BackupExec System Recovery
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2361
Symantec — Enterprise Security Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2375
Symantec — Enterprise Security Manager
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2896
Symantec — Norton Antivirus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6490
Symantec — Norton AntiVirus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3456
Symantec — Norton Personal Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1495
Symantec — Norton Personal Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1793
Symantec — Norton Personal Firewall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1689
Symantec — Symantec Mail Security for SMTP
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1252
Symantec — Symantec Web Security
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0563
Symantec — Symantec Web Security
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0564
TIS — Internet Firewall Toolkit
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0201
Trend Micro — OfficeScan Corporate Edition
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0325
Trend Micro — Scan Engine
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0851
Trend Micro — ServerProtect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1070
Trend Micro — ServerProtect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1168
Trend Micro — ServerProtect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2508
Trend Micro — ServerProtect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2528
Trend Micro — ServerProtect
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2533
Trend Micro — Trend Micro AntiVirus
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1591
Trend Micro — VirusWall
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0602
TrueCrypt Foundation — TrueCrypt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1589
TrueCrypt Foundation — TrueCrypt
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1738
Utimaco Safeware — SafeGuard Easy
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-7142
Webroot Software — Spy Sweeper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6959
Webroot Software — Spy Sweeper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6960
Webroot Software — Spy Sweeper
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6961
Zone Labs — ZoneAlarm Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2467
Zone Labs — ZoneAlarm Pro
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2083

  

   

About the Author: bhimport
