|
F-Secure Anti-Virus Archived Virus Detection Bypass Vulnerability
|
|
Secunia Advisory:
|
SA11699
|
|
|
Release Date:
|
2004-05-25
|
|
Last Update:
|
2005-07-26
|
|
Popularity:
|
11,829 views
|
|
|
Critical:
|
 Less critical
|
|
Impact:
|
Security Bypass
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | F-Secure Anti-Virus 5.x F-Secure Anti-Virus Client Security 5.x F-Secure Anti-Virus for Windows Servers 5.x F-Secure Anti-Virus for Workstations 5.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| CVE reference: | CVE-2004-2276
|
|
Description: A vulnerability has been discovered in F-Secure Anti-Virus, which may prevent certain malware in archives from being detected.
The vulnerability is caused due to an unspecified error, which reportedly causes a problem with properly detecting the Sober.D and Sober.G viruses in PKZip archives.
The vulnerability has been reported in the following versions:
* F-Secure Anti Virus 5.41/5.42 for Workstations
* F-Secure Anti-Virus 5.41/5.42 for File Servers
* F-Secure Anti Virus Client Security 5.50 and 5.52
NOTE: The malware will still be detected by the affected products when being extracted from the archives prior to execution.
Solution: F-Secure Anti-Virus Client Security 5.52 Service Release 1 (SR-1) is not affected.
Apply appropriate hotfixes for vulnerable versions.
FSAV 5.42/5.41 Hotfix 3:
ftp://ftp.f-secure.com/support/hotfix/fsav/fsavwk552-05-signed.fsfix
FSAV 5.41/5.42 for Servers Hotfix 13:
ftp://ftp.f-secure.com/support/hotfix/fsav-server/fsavsr541-13-signed.fsfix
FSAVCS Hotfix 10 (Anti-Virus Hotfix 5):
ftp://ftp.f-secure.com/support/hotfix/fsavcs/fsavwk552-05-signed.fsfix
Provided and/or discovered by: Reported by vendor.
Changelog: 2004-05-26: Updated advisory with new information from vendor and decreased rating to "Less critical".
2005-07-26: Added CVE reference.
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|