Symantec sevinst.exe failing md5 check

[aD]

Symantec's SEVINST.EXE, hosted at:
ftp://ftp.symantec.com/public/english_us_canada/symevnt/sevinst.exe
....fails it's listed md5 of: FFE3A6941208B4F701C2268BFB18748E which is
given at:

http://securityresponse.symantec.com/avcenter/download/pages/US-MU.html
and
http://securityresponse.symantec.com/avcenter/download/md5-hash.txt

My md5 of the file: 5c32ade2aec0741e55e7e3025c9baf0a which I used two
different programs to download the file twice each, every time resulted in
the same sum.

The file *does* however pass it's publisher certificate verification.

I quarantined the file and sent it off to SARC in the hopes that someone at
Symantec will pick it up, and am posting here for that reason as well. I've
not got time to go through the hoops that is their web site's contact pages
(it's prolly blatantly obvious but I couldn't find anywhere to report this)

Personally I find it unlikely that the md5 failing is anything untoward as
the publisher cert. is OK. But you never know...

I do know there are symantec.* specific groups but my ISP doesn't have them
yet. Apologies if you didn't want to read this ;-)


aD

 

[Steven Cook]

My md5 of the file: 5c32ade2aec0741e55e7e3025c9baf0a which I used two
different programs to download the file twice each, every time resulted in
the same sum.

Yup, that's the md5 I get also.