Page 1 of 10 12345 ... LastLast
Results 1 to 10 of 95

Thread: Multiple AV vendor vulns - archived

  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Multiple AV vendor vulns - archived

    FYI...

    (See: https://knowledge.mcafee.com/article...AL_Public.html
    "...before applying the HotFix...")

    - http://secunia.com/advisories/24466/
    Release Date: 2007-03-14
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    Software:
    McAfee ePolicy Orchestrator 3.x
    McAfee ProtectionPilot 1.x
    ...Successful exploitation allows execution of arbitrary code.
    The vulnerabilities affect the following products:
    * McAfee ePolicy Orchestrator 3.5.0 (Patch 5 and earlier)
    * McAfee ePolicy Orchestrator 3.6.0 (Patch 5 earlier)
    * McAfee ePolicy Orchestrator 3.6.1
    * McAfee ProtectionPilot 1.1.1 (Patch 3 and earlier)
    * McAfee ProtectionPilot 1.5.0
    Solution: Apply hotfix/patch.
    https://mysupport.mcafee.com/eservice_enu/start.swe ..."

    -----------------------------------------------------------
    - http://secunia.com/advisories/24450/
    Release Date: 2007-03-15
    Critical: Moderately critical
    Impact: DoS
    Where: From remote
    Solution Status: Vendor Patch
    ...The vulnerability reportedly affects all Trend Micro products that use Scan Engine version 8.0 and above with Pattern File technology.
    Solution: Update the virus pattern file to OPR 4.335.00 or higher...
    Original Advisory: Trend Micro:
    http://esupport.trendmicro.com/suppo...tID=EN-1034587 ..."

    -----------------------------------------------------------
    - http://support.f-secure.com/enu/corp...hotfixes.shtml
    F-Secure Anti-Virus Client Security 6.02 and 6.03
    Mar 12, 2007 - Client Security Hotfix FSAVCS603_HF02 (675 KB)
    "This hotfix improves error handling in the parts of F-Secure BackWeb Client responsible for setting the Management Server address on the Client side."



    FYI...

    Kaspersky multiple vulns - updates available
    - http://secunia.com/advisories/24778/
    Release Date: 2007-04-05
    Critical: Highly critical
    Impact: Privilege escalation, DoS, System access, Exposure of sensitive information, Exposure of system information
    Where: From remote
    Solution Status: Vendor Patch
    Solution: Update to version 6.0.2.614 or later.

    Kaspersky Anti-Virus for Windows Workstations:
    http://www.kaspersky.com/productupda...pter=146274385
    Kaspersky Anti-Virus for Windows Server:
    http://www.kaspersky.com/productupda...pter=146274391
    Kaspersky Internet Security 6.0:
    http://www.kaspersky.com/productupda...pter=186437046
    Kaspersky Anti-Virus 6.0:
    http://www.kaspersky.com/productupda...pter=186435857 ..."

    .

    FYI...

    McAfee VirusScan vuln - update available
    - http://secunia.com/advisories/24914/
    Release Date: 2007-04-18
    Critical: Moderately critical
    Impact: DoS, System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: McAfee VirusScan Enterprise 8.x
    ...The vulnerability reportedly affects versions 8.0i Patch 11 and prior.
    Solution: Apply Patch 12 or later.
    https://mysupport.mcafee.com/eservice_enu/start.swe ...

    McAfee e-Business Svr DoS vuln - update available
    - http://secunia.com/advisories/24893/
    Release Date: 2007-04-18
    Critical: Less critical
    Impact: DoS
    Where: From local network
    Solution Status: Vendor Patch
    Software: McAfee e-Business Server 8.x ...
    Solution: Apply updates.
    https://secure.nai.com/apps/download...ucts/login.asp ...
    Original Advisory: McAfee:
    http://preview.tinyurl.com/2wlsg9 ...

    .

    FYI...

    avast! DoS Vuln - update available
    - http://secunia.com/advisories/25137/
    Release Date: 2007-05-08
    Critical: Less critical
    Impact: DoS
    Where: From remote
    Solution Status: Vendor Patch
    Software: avast! Home/Professional 4.x
    ...The vulnerability is reported in avast! Home Edition and avast! Professional Edition.
    Solution: Update to version 4.7.981 or later...
    Original Advisory:
    avast!: http://www.avast.com/eng/avast-4-hom...n-history.html ..."

    .

    FYI...

    McAfee SecurityCenter ActiveX vuln - updates available
    - http://secunia.com/advisories/25173/
    Release Date: 2007-05-09
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch ...
    ...The vulnerability affects versions -prior- to 7.2.147 and 6.0.25.
    Solution: The fix has reportedly been available via automatic updates since March 22, 2007.
    Update to Security Center version 7.2.147 and 6.0.25, or higher.
    http://us.mcafee.com/root/login.asp ..."



    FYI...

    Trend Micro ServerProtect vuln - update available

    - http://secunia.com/advisories/25186/
    Last Update: 2007-05-09
    Critical: Moderately critical
    Impact: System access
    Where: From local network
    Solution Status: Vendor Patch
    Software: Trend Micro ServerProtect for Windows/NetWare 5.x
    ...Successful exploitation of the vulnerabilities allows execution of arbitrary code...
    Original Advisory: Trend Micro:
    http://www.trendmicro.com/download_b...p?productid=17 ..."

    > http://isc.sans.org/diary.html?storyid=2774
    Last Updated: 2007-05-09 16:04:05 UTC



    FYI...

    NOD32 AV vuln - update available
    - http://secunia.com/advisories/25375/
    Release Date: 2007-05-23
    Critical: Moderately critical
    Impact: Privilege escalation, System access
    Where: From remote
    Solution Status: Vendor Patch
    Software: NOD32 for Windows NT/2000/XP/2003 2.x
    ...Successful exploitation may allow execution of arbitrary code.
    The vulnerabilities are reported in versions prior to 2.70.37.
    Solution: Update to version 2.70.39.
    http://www.eset.com/download/registered_software.php ..."

    .

    FYI...

    - http://secunia.com/advisories/25380/
    Release Date: 2007-05-24
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    ...Successful exploitation may allow execution of arbitrary code.
    The vulnerability reportedly affects versions prior to 4.7.766 for servers and 4.7.700 for the Managed Client product.
    Solution: Update to the latest versions.
    http://www.avast.com/eng/download.html
    Original Advisory: avast!:
    http://www.avast.com/eng/adnm-manage...n-history.html
    http://www.avast.com/eng/avast-4-ser...n-history.html ..."

    .

    FYI...

    - http://secunia.com/advisories/25417/
    Release Date: 2007-05-29
    Critical: Highly critical
    Impact: DoS, System access
    Where: From remote
    Solution Status: Vendor Patch...
    Solution: Update to AVPack version 7.03.00.09 and Engine version 7.04.00.24. These updates have reportedly been made available since 2007-05-23...
    Original Advisory: Avira:
    http://forum.antivir-pe.de/thread.php?threadid=22528 ..."

    .

    FYI...

    F-Secure Anti-Virus 5 hotfixes
    > http://support.f-secure.com/enu/corp...hotfixes.shtml

    ------------------------------------------------

    F-Secure Products vuln - updates available
    - http://secunia.com/advisories/25426/
    Release Date: 2007-05-30
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch
    Software:
    F-Secure Anti-Virus 2005
    F-Secure Anti-Virus 2006
    F-Secure Anti-Virus 2007
    F-Secure Anti-Virus 5.x
    F-Secure Anti-Virus Client Security 6.x
    F-Secure Anti-Virus for Citrix Servers 5.x
    F-Secure Anti-Virus for Linux 4.x
    F-Secure Anti-Virus for Microsoft Exchange 6.x
    F-Secure Anti-Virus for MIMEsweeper 5.x
    F-Secure Anti-Virus for Windows Servers 5.x
    F-Secure Anti-Virus for Workstations 5.x
    F-Secure Internet Gatekeeper 6.x
    F-Secure Internet Gatekeeper for Linux 2.x
    F-Secure Internet Security 2005
    F-Secure Internet Security 2006
    F-Secure Internet Security 2007 ...
    The vulnerability is caused due to a boundary error in the processing of LHA archives and can be exploited to cause a buffer overflow when decompressing a specially crafted archive.
    The vulnerability is related to #1 in: http://secunia.com/SA21996/
    Successful exploitation may allow execution of arbitrary code.
    Solution: Apply hotfixes.
    F-Secure Internet Security 2005 - 2007: Hotfix distributed automatically.
    F-Secure Anti-Virus 2005 - 2007: Hotfix distributed automatically.
    F-Secure Protection Service for Consumers: Hotfix distributed automatically...
    Original Advisory: F-Secure: http://www.f-secure.com/security/fsc-2007-1.shtml ..."
    ------------------------------------------------

    F-Secure AV vuln - update available
    - http://secunia.com/advisories/25439/
    Release Date: 2007-05-30
    Critical: Less critical
    Impact: Privilege escalation
    Where: Local system
    Solution Status: Vendor Patch
    Software:
    F-Secure Anti-Virus 2005
    F-Secure Anti-Virus 2006
    F-Secure Anti-Virus 2007
    F-Secure Anti-Virus 5.x
    F-Secure Anti-Virus Client Security 6.x
    F-Secure Anti-Virus for Citrix Servers 5.x
    F-Secure Anti-Virus for MIMEsweeper 5.x
    F-Secure Anti-Virus for Windows Servers 5.x
    F-Secure Anti-Virus for Workstations 5.x
    F-Secure Internet Security 2005
    F-Secure Internet Security 2006
    F-Secure Internet Security 2007
    ...The vulnerability is caused due to an error in the real-time scanning component and can be exploited to execute arbitrary code with escalated privileges via specially crafted I/O request packets.
    Solution: F-Secure Internet Security 2005 - 2007: Hotfix distributed automatically.
    F-Secure Anti-Virus 2005 - 2007: Hotfix distributed automatically.
    F-Secure Protection Service for Consumers 5.00 - 6.40: Hotfix distributed automatically...
    Original Advisory: F-Secure: http://www.f-secure.com/security/fsc-2007-2.shtml ..."
    ----------------------------

    F-Secure Policy Mgr Svr DoS Vuln - update available
    - http://secunia.com/advisories/25449/
    Release Date: 2007-05-30
    Critical: Less critical
    Impact: DoS
    Where: From local network
    Solution Status: Vendor Patch
    ...The vulnerability is caused due to an error within the fsmsh.dll host module and can be exploited to e.g. crash the server by specifying NTFS reserved names as URL filenames. The vulnerability affects versions 7.00 and prior.
    Solution: Update to 7.01 or apply hotfix. http://www.f-secure.com/webclub/fspm.html
    ftp://ftp.f-secure.com/support/hotfi...70-hotfix2.zip ...
    Original Advisory: F-Secure:
    http://www.f-secure.com/security/fsc-2007-4.shtml ..."

    .
    Last edited by AplusWebMaster; 2010-08-23 at 21:27. Reason: archive
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #2
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Symantec Ghost/Reporting-Svr vulns - updates available

    FYI...

    - http://secunia.com/advisories/25539/
    Release Date: 2007-06-06
    Critical: Less critical
    Impact: DoS
    Where: From local network
    Solution Status: Vendor Patch
    Software: Symantec Ghost Solution Suite 1.x, Symantec Ghost Solution Suite 2.x ...
    Original Advisory: Symantec:
    http://securityresponse.symantec.com...07.06.05b.html ..."

    - http://secunia.com/advisories/25543/
    Release Date: 2007-06-06
    Critical: Moderately critical
    Impact: Security Bypass, Manipulation of data, Exposure of sensitive information
    Where: From local network
    Solution Status: Vendor Patch
    Software: Symantec AntiVirus Corporate Edition 10.x, Symantec Client Security 3.x, Symantec Reporting Server 1.x ...
    Solution: Update to version 1.0.224.0.
    SAV 10.1 MR6 build 6000 (10.1.6.6000) or later / SCS 3.1 MR6 build 6000 (3.1.6.6000) or later:
    https://fileconnect.symantec.com/licenselogin.jsp ...
    Original Advisory:
    Symantec:
    http://securityresponse.symantec.com...007.06.05.html
    http://securityresponse.symantec.com...07.06.05a.html ..."

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #3
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation CA AV vuln - update available

    FYI...

    CA Anti-Virus Engine CAB Archive Processing Buffer Overflows
    - http://secunia.com/advisories/25570/
    Release Date: 2007-06-06
    Critical: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch ...
    Solution: Content update 30.6 has been issued to address the vulnerabilities (please see the vendor's advisory for details)...
    Original Advisory: CA:
    http://supportconnectw.ca.com/public...ritynotice.asp ..."


    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #4
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    McAfee ePolicy Orchestrator / ProtectionPilot Common Management Agent Vulns
    - http://secunia.com/advisories/26029/
    Release Date: 2007-07-11
    Critical: Moderately critical
    Impact: System access
    Where: From local network
    Solution Status: Vendor Patch
    Software: McAfee ePolicy Orchestrator 3.x, McAfee ProtectionPilot 1.x
    ...Successful exploitation of this vulnerability allows execution of arbitrary code...
    Solution: Apply patches. Please see the vendor's advisories for details...
    McAfee:
    https://knowledge.mcafee.com/article...AL_Public.html
    https://knowledge.mcafee.com/article...AL_Public.html
    https://knowledge.mcafee.com/article...AL_Public.html
    https://knowledge.mcafee.com/article...AL_Public.html ...

    - http://www.us-cert.gov/current/#mcaf...ulnerabilities
    July 16, 2007

    .
    Last edited by AplusWebMaster; 2007-07-17 at 22:06.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #5
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    Trend Micro OfficeScan vuln - updates available
    - http://atlas.arbor.net/briefs/index#-1118575019
    July 17, 2007 - "A malicious web request with an overly long session cookie can be sent to the Trend Micro OfficeScan web interface to trigger a buffer overflow in the component CGIOCommon.dll. Successful exploitation can allow the remote, anonymous attacker to execute code on the system with the permissions of the IIS web server. Trend Micro has released updated code to address this issue.
    Analysis: This is a relatively trivial attack to launch for most attackers. We have not yet seen tools to exploit this, but we expect that some will be developed soon.
    Source:
    > http://labs.idefense.com/intelligenc...lay.php?id=559
    7.16.07 - "...Trend Micro has addressed this vulnerability by releasing the following patches for affected products.
    CSM3.6 security patch 1149
    CSM3.5 security patch 1152
    CSM3.0 security patch 1209
    http://www.trendmicro.com/download/p...p?productid=39
    OSCE 8.0 security patch 1042
    OSCE 7.3 security patch 1293
    OSCE 7.0 security patch 1364
    OSCE 6.5 security patch 1364
    OSCE 6.0 for SMB2.0 security patch 1398
    http://www.trendmicro.com/download/p...sp?productid=5 ..."

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #6
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    Updated:

    Symantec AntiVirus Malformed RAR and CAB Compression Type Bypass - SYM07-019
    - http://www.symantec.com/avcenter/sec...07.07.11f.html
    Last modified on: Wednesday, 18-Jul-07 16:53:13 ...
    Revision History:
    Removed invalid CVE information
    Added missing product information
    Updated Symantec AntiVirus Corporate addition version information
    Added information and link to new update tool for Symantec AntiVirus and Symantec Client Security
    Risk Impact: High
    Remote Access: -Yes- ...

    > http://service1.symantec.com/SUPPORT...07071111591448
    Last Modified: 07/18/2007

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #7
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    > http://atlas.arbor.net/briefs/index#1027704494
    Panda Antivirus EXE File Parsing Buffer Overflow Vulnerability
    Severity: High Severity
    Published: July 23, 2007
    Panda AV is vulnerable to a buffer overflow when processing Windows EXE files. The error comes in an integer cast when parsing EXE header data. A malicious attacker could send the victim a malformed EXE file to be processed by Panda AV. This would then allow the attacker to run arbitrary code on the victim's computer. Updates have been made available.
    Analysis: This is a similar issue to the Eset NOD32 file processing issue and nearly a dozen such vulnerabilities recently. We believe that this trend will continue for some time.
    Source: http://secunia.com/advisories/26171/

    NOD32 Antivirus Multiple File Processing Vulnerabilities
    Severity: High Severity
    Published: July 23, 2007
    Eset NOD32 antivirus is vulnerable to file processing vulnerabilities that could be abused by a remote attacker to compromise a system. The AV software has problems processing CAB, ASPack, and FSG packed files. Malformed files could be sent to a victim to be processed by NOD32 and then run arbitrary code on the server. Eset has issued updated software to address this issue.
    Analysis: This is another AV vulnerability in handling files. We do not expect it to be the last one, in this package or any other AV package.
    Source: http://secunia.com/advisories/26124/

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #8
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation CA AV and other multiple products vuln - updates available

    FYI...

    CA AV and other multiple products vuln - updates available
    - http://secunia.com/advisories/26155/
    Release Date: 2007-07-25
    Critical: Moderately critical
    Impact: DoS
    Where: From remote
    Solution Status: Vendor Patch ...
    Description: Two vulnerabilities have been reported in various CA products, which can be exploited by malicious people to cause a DoS...

    (See the advisory for the long list of affected products.)

    Also see: http://secunia.com/advisories/26190/
    Release Date: 2007-07-25
    Critical: Moderately critical
    Impact: System access
    Where: From local network
    Solution Status: Vendor Patch
    ...The vulnerability affects all versions of the CA Message Queuing software prior to v1.11 Build 54_4 on Windows and Netware..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #9
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    ClamAV multiple vulns - update available
    - http://secunia.com/advisories/26530/
    Release Date: 2007-08-22
    Critical: Moderately critical
    Impact: DoS
    Where: From remote
    Solution Status: Vendor Patch
    Software: Clam AntiVirus (clamav) 0.x...
    Solution:
    Update to version 0.91.2.
    - http://sourceforge.net/project/showf...ease_id=533658
    2007-08-21


    Trend Micro ServerProtect multiple vulns - update available
    - http://secunia.com/advisories/26523/
    Release Date: 2007-08-22
    Critical: Moderately critical
    Impact: System access
    Where: From local network
    Solution Status: Vendor Patch
    Software: Trend Micro ServerProtect for Windows/NetWare 5.x...
    Solution: Apply Security Patch 4 - Build 1185.
    http://www.trendmicro.com/ftp/produc...ritypatch4.exe
    Original Advisory: Trend Micro:
    http://www.trendmicro.com/ftp/docume...ch4_readme.txt

    Also see: http://secunia.com/advisories/26557/
    Software: Trend Micro Anti-Spyware 3.x, Trend Micro PC-cillin Internet Security 2007

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #10
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation

    FYI...

    Sophos AV vuln - update available
    - http://secunia.com/advisories/26580/
    Release Date: 2007-08-24
    Critical: Moderately critical
    Impact: DoS
    Where: From remote
    Solution Status: Vendor Patch
    Software: Sophos Anti-Virus...
    The vulnerabilities are reported in Sophos Anti-Virus with engine versions prior to 2.48.0.
    Solution: Update to engine version 2.48.0 or later...
    Original Advisory: http://www.sophos.com/support/knowle...cle/28407.html
    http://www.sophos.com/support/knowle...cle/14244.html ...

    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •