SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   F-Prot Antivirus Vendors:   FRISK Software International
F-Prot Antivirus Lets Remote Users Bypass the Scanning Engine with Specially Crafted ZIP Files
SecurityTracker Alert ID:  1015148
SecurityTracker URL:  http://securitytracker.com/id/1015148
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 3 2005
Impact:   Host/resource access via network
Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   A vulnerability was reported in F-Prot Antivirus. A remote user can send malicious content that will bypass the scanning engine.

The F-prot scanning engine does not properly decompress ZIP files that have a version header value greater then 15. As a result, content within the affected ZIP files will not be scanned and will be determined to be free of malicious content.

The vendor was notified on October 30, 2005.

Thierry Zoller reported this vulnerability.

The original advisory is available at:

http://thierry.sniff-em.com/research/fprot.html

Impact:   A remote user can send malicious content that will bypass the scanning engine.
Solution:   No solution was available at the time of this entry. The vendor plans to issue a fix.
Vendor URL:  www.f-prot.com/products/corporate_users/ (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC