F-Secure Anti-Virus for MIMEsweeper Fails to Detect Sober.D Worm
|
|
SecurityTracker Alert ID: 1009685
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Apr 7 2004
|
Impact: Host/resource access via network
|
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
|
Version(s): F-Secure Anti-Virus for MIMEsweeper 5.41, 5.42
|
Description: A vulnerability was reported in F-Secure Anti-Virus for MIMEsweeper. A remote user can send a specific worm past the scanner.
F-Secure reported that the software does not properly detect the Sober.D worm contained in zip archives.
|
Impact: A remote user can send the Sober.D worm in a zip archive to bypass the anti-virus filtering.
|
Solution: The vendor has released a fix (FSAV for MIMEsweeper Hotfix 13), available at:
ftp://ftp.f-secure.com/support/hotfix/fsav-msw/fsavsr541-13-signed.fsfix
|
Vendor URL: support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml (Links to External Site)
|
Cause: Input validation error, State error
|
Underlying OS: Windows (NT), Windows (2000), Windows (2003)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 06 Apr 2004 13:23:01 -0400
Subject: http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml
|
http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml
> FSAV for MIMEsweeper Hotfix 13
> Apr 5, 2004
> F-Secure Anti-Virus for MIMEsweeper 5.41, 5.42
ftp://ftp.f-secure.com/support/hotfix/fsav-msw/fsavsr541-13-signed.fsfix
F-Secure issued a fix for F-Secure Anti-Virus for MIMEsweeper. The software did not
properly detect the Sober.D worm in zip archives, the vendor said.
|
|
