Threat Level: green Handler on Duty: Brad Duncan

SANS ISC InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

F-Prot Anti-Virus Scanning Engine Bypass

Published: 2005-11-04
Last Updated: 2005-11-04 18:24:26 UTC
by Robert Danford (Version: 2)
0 comment(s)
An vulnerability has been reported in some versions of F-Prot Anti-Virus. The advisory is referenced below. Exploit code is reported to be available. Though it doesn't look like it would be difficult to create a zip file with  a version header value greater than 15.

Full information can be found here: (Thanks Thierry)

Reportedly Vulnerable Versions/Platforms:

Vendors and users need to be really careful about making assumptions their networks are secure based upon a single application. Diversity and layers are a goodness.

Other recent bypass issues:
WebRoot Desktop Firewall:

0 comment(s)
Diary Archives