F-Prot Anti-Virus Scanning Engine Bypass
An vulnerability has been reported in some versions of F-Prot Anti-Virus. The advisory is referenced below. Exploit code is reported to be available. Though it doesn't look like it would be difficult to create a zip file with a version header value greater than 15.
http://securitytracker.com/alerts/2005/Nov/1015148.html
Update:
Full information can be found here: (Thanks Thierry)
http://thierry.sniff-em.com/research/fprot.html
Reportedly Vulnerable Versions/Platforms:
TBD
Vendors and users need to be really careful about making assumptions their networks are secure based upon a single application. Diversity and layers are a goodness.
Other recent bypass issues:
WebRoot Desktop Firewall:
http://secwatch.org/advisories/1011804
Sophos:
http://www.securitytracker.com/alerts/2005/Oct/1015025.html
Symantec:
http://www.securitytracker.com/alerts/2005/Oct/1015027.html
Kaspersky:
http://www.securitytracker.com/alerts/2005/Oct/1015024.html
Zone-Alarm:
http://www.net-security.org/vulnerability.php?id=20275
http://download.zonelabs.com/bin/free/securityAlert/35.html
http://securitytracker.com/alerts/2005/Nov/1015148.html
Update:
Full information can be found here: (Thanks Thierry)
http://thierry.sniff-em.com/research/fprot.html
Reportedly Vulnerable Versions/Platforms:
TBD
Vendors and users need to be really careful about making assumptions their networks are secure based upon a single application. Diversity and layers are a goodness.
Other recent bypass issues:
WebRoot Desktop Firewall:
http://secwatch.org/advisories/1011804
Sophos:
http://www.securitytracker.com/alerts/2005/Oct/1015025.html
Symantec:
http://www.securitytracker.com/alerts/2005/Oct/1015027.html
Kaspersky:
http://www.securitytracker.com/alerts/2005/Oct/1015024.html
Zone-Alarm:
http://www.net-security.org/vulnerability.php?id=20275
http://download.zonelabs.com/bin/free/securityAlert/35.html
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments