SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Security)  >  F-Secure Anti-Virus Vendors:  F-Secure
F-Secure Anti Virus Buffer Overflow in Processing LHA Archives May Let Remote Users Deny Service
SecurityTracker Alert ID:  1010296
SecurityTracker URL:  http://securitytracker.com/id?1010296
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 26 2004
Impact:  Denial of service via local system, Denial of service via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): F-Secure Anti-Virus for Workstation 5.42; for Windows Servers; for MIMEsweeper 5.42; for MS Exchange 6.21; for Linux Workstations 4.52; for Linux Servers 4.52; for Linux Gateways 4.52; for Servers 4.60; and earlier versions
Description:  A buffer overflow vulnerability was reported in F-Secure Anti Virus. A remote user can cause denial of service conditions on the target system.

F-Secure reported that a remote user or local user can create a specially crafted LHA archive that, when scanned by the system, will cause "temporary performance degredation" or denial of service conditions.

The vendor indicates that on-demand scans will terminate when the malformed file is encountered.
Impact:  A remote or local user can cause denial of service conditions on the target system, depending on how the system is configured and on other conditions.
Solution:  The vendor has issued a series of hotfixes. For a matrix showing the appropriate hotfix for each affected version, see the Vendor's Advisory at:

http://www.f-secure.com/security/fsc-2004-1.shtml
Vendor URL:  www.f-secure.com/security/fsc-2004-1.shtml (Links to External Site)
Cause:  Boundary error

Message History:   This archive entry has one or more follow-up message(s) listed below.
May 27 2004 (Vendor Issues Fix for Content Scanner Server) F-Secure Anti Virus Buffer Overflow in Processing LHA Archives May Let Remote Users Deny Service
A fix for F-Secure Anti-Virus for MS Exchange when used with F-Secure Content Scanner Server is also available.


 Source Message Contents

 

[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2004, SecurityGlobal.net LLC