6409 : F-Secure Anti-Virus PKZip Virus Detection Bypass
Printer | http://osvdb.org/6409 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

7 months ago

Percent Complete

90%

Disclosure

May 25, 2004

Discovery

Unknown

Dates

Exploit

May 25, 2004

Solution

Unknown

Description

F-Seure AntiVirus contains a flaw that may allow a remote attacker to bypass antivirus policies. The problem is that the program fails to properly detect the Sober.D and Sober.G viruses, which could allow a remote attacker to place arbitrary files resulting in a loss of integrity. No further details have been provided.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, F-Secure has released a patch to address this vulnerability.

Products

F-Secure Corporation	Anti-Virus Client Security	5.50
		5.52
	Anti-Virus for File Servers	5.41
		5.42
	Anti-Virus for Workstations	5.41
		5.42

References

Secunia Advisory ID: 11699
ISS X-Force ID: 16243
CVE ID: 2004-2276 (see also: NVD)
Vendor Specific Solution URL: ftp://ftp.f-secure.com/support/hotfix/fsav-server/fsavsr541-13-signed.fsfix ftp://ftp.f-secure.com/support/hotfix/fsav/fsavwk552-05-signed.fsfix ftp://ftp.f-secure.com/support/hotfix/fsavcs/fsavwk552-05-signed.fsfix
Vendor URL: http://www.f-secure.com/

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

F-Secure Corporation

Anti-Virus Client Security

Anti-Virus for File Servers

Anti-Virus for Workstations

References

Credit

Blogs

Comments