ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA20858] F-Secure Antivirus Products Scanning Bypass Vulnerability



> 
> TITLE:
> F-Secure Antivirus Products Scanning Bypass Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA20858
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/20858/
> 
> CRITICAL:
> Moderately critical
> 
> IMPACT:
> Security Bypass
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> F-Secure Anti-Virus 2004
> http://secunia.com/product/3500/
> F-Secure Anti-Virus 2005
> http://secunia.com/product/4299/
> F-Secure Anti-Virus 2006
> http://secunia.com/product/6882/
> F-Secure Anti-Virus Client Security 5.x
> http://secunia.com/product/2718/
> F-Secure Anti-Virus Client Security 6.x
> http://secunia.com/product/5786/
> F-Secure Anti-Virus for Citrix Servers 5.x
> http://secunia.com/product/5198/
> F-Secure Anti-Virus for MIMEsweeper 5.x
> http://secunia.com/product/455/
> F-Secure Anti-Virus for Windows Servers 5.x
> http://secunia.com/product/452/
> F-Secure Anti-Virus for Workstations 5.x
> http://secunia.com/product/457/
> F-Secure Internet Security 2004
> http://secunia.com/product/3499/
> F-Secure Internet Security 2005
> http://secunia.com/product/4300/
> F-Secure Internet Security 2006
> http://secunia.com/product/6883/
> F-Secure Service Platform for Service Providers (Personal Express)
> 6.x
> http://secunia.com/product/6885/
> 
> DESCRIPTION:
> Two vulnerabilities have been reported in various F-Secure Antivirus
> products, which can be exploited by malware to bypass the scanning
> functionality.
> 
> 1) An unspecified error within the handling of executable programs
> where the name has been manipulated in a certain way can be exploited
> to bypass the anti-virus scanning functionality.
> 
> 2) An error causes files on removable media to not be scanned when
> the "Scan network devices" option has been disabled.
> 
> Successful exploitation of the vulnerabilities bypasses the real-time
> scanning functionality and may result in execution of malware on the
> system.
> 
> SOLUTION:
> Apply patches (see patch matrix in the vendor's advisory).
> 
> PROVIDED AND/OR DISCOVERED BY:
> Reported by the vendor.
> 
> ORIGINAL ADVISORY:
> F-Secure:
> http://www.f-secure.com/security/fsc-2006-4.shtml
> 




 




Copyright © Lexa Software, 1996-2009.