|
AhnLab V3 Antivirus Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA15674
|
|
|
Release Date:
|
2005-09-15
|
|
Last Update:
|
2005-09-23
|
|
Popularity:
|
9,957 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Security Bypass
Privilege escalation
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | AhnLab V3Net for Windows Server 6.x
AhnLab V3Pro 2004 (AhnLab V3 VirusBlock 2005)
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Secunia research has discovered some vulnerabilities in AhnLab V3 Antivirus, which can be exploited by malicious, local users to gain escalated privileges, or by malicious people to compromise a vulnerable system.
1) The real-time scan driver, v3flt2k.sys, does not validate the source of received "DeviceIoControl()" commands. This can be exploited by non-administrative users to run explorer.exe with SYSTEM privileges, or to disable the real-time scan engine, via specially crafted DeviceIoControl requests,
2) A boundary error in the ACE archive decompression library can be exploited to cause a stack-based buffer overflow when a malicious ACE archive containing a compressed file with an overly long filename is scanned.
Successful exploitation allows execution of arbitrary code, but requires that compressed file scanning is enabled.
3) A directory traversal error in the archive decompression library can be exploited to write files to arbitrary directories when a malicious archive containing compressed files with directory traversal sequences in their filenames is scanned.
Vulnerability #2 and #3 are related to:
SA14359
The vulnerabilities have been confirmed in Build 6.0.0.383 of the following products:
* AhnLab V3Pro 2004 (AhnLab V3 VirusBlock 2005 outside Korea)
* AhnLab V3Net for Windows Server 6.0
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
