|
F-Prot buffer overflow
|
|
Secunia Advisory:
|
SA8174
|
|
|
Release Date:
|
2003-02-27
|
|
Last Update:
|
2003-03-03
|
|
Popularity:
|
4,299 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Privilege escalation
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | F-Prot Antivirus for Linux 3.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
Description:
F-Prot has been found vulnerable to a buffer overflow. The problem is that filenames aren't verified sufficiently when used as an argument on the command line, this allows long filenames to cause a buffer overflow.
This buffer overflow may be exploited to execute arbitrary code with the privileges of the user executing f-prot.
F-prot is not installed setuid, however if root has installed f-prot to run in a cron job or has executed it him self, local users may be able to escalate their privileges. Only scripts that use each filename as an argument in the command line is vulnerable, this can not be exploited when doing recursive scans.
Solution:
Version 3.12d for Linux and FreeBSD has been released.
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
