OSVDB ID: 22633

Title: F-Secure Anti-Virus Crafted ZIP/RAR Scanner Bypass

Info

Disclosure
Jan 19, 2006

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Unknown

Description

 F-Secure Anti Virus products contain a flaw that may allow malicious code to bypass the scanning engine. The issue is triggered when specially crafted RAR or ZIP archives are processed by the scanning engine, resulting in a loss of integrity.

Classification

 Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

 F-Secure has issued a number of upgrades for their product range to address this issue, which have been reported to fix this vulnerability. Upgrades are required as there are no known workarounds.

Products

F-Secure Corporation

Anti-Virus

 2004
2005
2006

Anti-Virus for Linux Workstations

 4.52

Internet Security

 2004
2005
2006

Anti-Virus for Workstation

 5.44

Anti-Virus for Windows Servers

 5.52

Anti-Virus for Citrix Servers

 5.52

Anti-Virus for MIMEsweeper

 5.61

Anti-Virus Client Security

 6.01

Anti-Virus for MS Exchange

 6.40

Internet Gatekeeper

 6.42

Anti-Virus for Firewalls

 6.20

Anti-Virus for Linux Servers

 4.64

Anti-Virus for Linux Gateways

 4.64

Anti-Virus for Samba Servers

 4.62

Anti-Virus Linux Client Security

 5.11

Anti-Virus Linux Server Security

 5.11

Internet Gatekeeper for Linux

 2.14

Personal Express

 6.20

References

Credit
  • Thierry Zoller - ThierryBrand New Doo DooZoller.lu - Personal Page


Direct URL: http://osvdb.org/36218