F-Secure Internet Gatekeeper May Fail to Detect Malware in Various Archive Format Files
|
|
SecurityTracker Alert ID: 1023842 |
|
SecurityTracker URL: http://securitytracker.com/id/1023842
|
|
CVE Reference:
CVE-2010-1425
(Links to External Site)
|
Updated: Apr 20 2010
|
Original Entry Date: Apr 12 2010
|
Impact:
Host/resource access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): for Windows 6.61 and prior; for Linux 4.02 and prior
|
Description:
A vulnerability was reported in F-Secure Internet Gatekeeper. A remote user can bypass the anti-virus detection.
A remote user can create a specially crafted archive file containing malware that, when scanned by the target anti-virus engine, will not detect the enclosed malware.
The 7Z, GZIP, CAB, RAR archive formats are affected.
ReversingLabs reported this vulnerability.
|
Impact:
A remote user can create content that will bypass the anti-virus detection mechanism.
|
Solution:
The vendor has issued a fix.
F-Secure Internet Gatekeeper for Linux 2.16 – 4.02:
ftp://ftp.f-secure.com/support/hotfix/fsav-linux/libfm.4.10.16130.tar.gz
Or upgrade to version 4.03:
http://www.f-secure.com/en_EMEA/downloads/product-updates/internet-gatekeeper-for-linux/
F-Secure Internet Gatekeeper for Windows 6.61:
ftp://ftp.f-secure.com/support/hotfix/fsig/fsigk661-06.zip
The vendor's advisory is available at:
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html
|
Vendor URL: www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Linux (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 12 Apr 2010 18:22:19 +0000
Subject: F-Secure Internet Gatekeeper
|
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html
|
|
