OSVDB ID: 9818

Title: F-Secure Anti-Virus For Microsoft Exchange Content Scanner Server Exception Handling DoS

Info

Disclosure

Sep 09, 2004

Discovery

Aug 25, 2004

Dates

Exploit

Unknown

Solution

Unknown

Description

F-Secure Anti-Virus for Microsoft Exchange contains a flaw that may allow a remote denial of service. The issue is triggered due to the parsing of malformed packets on port 18,971, which causes the application to crash with an access violation error and will result in loss of availability for the server.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, F-Secure has released a patch to address this vulnerability.

Products

F-Secure Corporation	Anti-Virus for Microsoft Exchange	6.21
		6.01

References

Security Tracker: 1011200
Secunia Advisory ID: 12492
ISS X-Force ID: 17307
CVE ID: 2004-0830 (see also: NVD)
Related OSVDB ID: 9790
Vendor URL: http://www.f-secure.com/products/anti-virus/fsavme/
Vendor Specific Advisory URL: http://www.f-secure.com/security/fsc-2004-2.shtml
Other Advisory URL: http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities

Credit

iDEFENSE - idlabs-advisoriesidefense.com - iDEFENSE

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

F-Secure Corporation

Anti-Virus for Microsoft Exchange

References

Credit