Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA26124] NOD32 Antivirus Multiple File Processing Vulnerabilities



> ----------------------------------------------------------------------
>
> TITLE:
> NOD32 Antivirus Multiple File Processing Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA26124
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/26124/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> DoS, System access
>
> WHERE:
> From remote
>
> SOFTWARE:
> NOD32 for Domino 2.x
> http://secunia.com/product/1068/
> NOD32 for DOS 1.x
> http://secunia.com/product/1064/
> NOD32 for FreeBSD 1.x
> http://secunia.com/product/1071/
> NOD32 for Linux 1.x
> http://secunia.com/product/1070/
> NOD32 for MS Exchange Server 0.x
> http://secunia.com/product/1069/
> NOD32 for NetBSD 1.x
> http://secunia.com/product/1073/
> NOD32 for Novell Netware Server 1.x
> http://secunia.com/product/1067/
> NOD32 for OpenBSD 1.x
> http://secunia.com/product/1072/
> NOD32 for Windows 95/98/ME 2.x
> http://secunia.com/product/1065/
> NOD32 for Windows NT/2000/XP/2003 2.x
> http://secunia.com/product/1066/
>
> DESCRIPTION:
> Sergio Alvarez has reported some vulnerabilities in NOD32 Antivirus,
> which can be exploited by malicious people to cause a DoS (Denial of
> Service) or compromise a vulnerable system.
>
> 1) A race-condition error when processing CAB archives can be
> exploited to cause a heap corruption when e.g. scanning a specially
> crafted CAB archive.
>
> Successful exploitation may allow execution of arbitrary code.
>
> 2) A divide-by-zero error when processing Aspack and FSG packed files
> can be exploited to e.g. crash the application via a specially crafted
> Aspack or FSG packed file.
>
> 3) An integer-overflow error when processing Aspack packed files can
> be exploited to cause an infinite loop and consume large amounts of
> CPU resources via a specially crafted Aspack packed file.
>
> The vulnerabilities are reported in versions prior to update
> v.2.2289.
>
> SOLUTION:
> Apply update v.2.2289 or later.
>
> PROVIDED AND/OR DISCOVERED BY:
> Sergio Alvarez, n.runs AG
>
> ORIGINAL ADVISORY:
> n.runs AG:
> http://www.nruns.com/%5Bn.runs-SA-2007.016%5D%20-%20NOD32%20An
> tivirus%20CAB%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt
> http://www.nruns.com/%5Bn.runs-SA-2007.018%5D%20-%20NOD32%20An
> tivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20
Advisory.txt
> http://www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20An
> tivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt
>
> ESET:
> http://www.eset.com/joomla/index.php?option=com_content&task=v
> iew&id=3469&Itemid=26
>



 




Copyright © Lexa Software, 1996-2009.