Multiple AV vendor vulns - archived

**AplusWebMaster** · 2008-12-02, 12:10

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/32926/
Release Date: 2008-12-02
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x
...The vulnerability is reported in versions prior to 0.94.2.
Solution: Update to version 0.94.2.
Original Advisory: ClamAV:
http://sourceforge.net/project/shown...ease_id=643134

Download:
- http://www.clamav.net/download/sources
"...Latest stable release: ClamAV 0.94.2..."

Changelog:
- http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog

**AplusWebMaster** · 2008-12-19, 15:33

FYI...

ESET Smart Security vuln - update available
- http://secunia.com/advisories/33210/
Release Date: 2008-12-19
Critical: Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch
Software: ESET Smart Security 3.x
...The vulnerability is confirmed in version 3.0.672. Other versions prior to 3.0.684 may also be affected...
Solution: Update to version 3.0.684...
- http://www.eset.com/joomla/index.php...=4113&Itemid=5
• stability and security fixes

**AplusWebMaster** · 2008-12-20, 15:34

FYI...

Sophos AV vuln - update available
- http://secunia.com/advisories/33177/
Release Date: 2008-12-19
Critical: Moderately critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch...
...The vulnerability is caused due to an unspecified error when processing certain malformed CAB archives. This can be exploited to crash the application and may allow the execution of arbitrary code...
Solution: Fixed in the Sophos virus engine 2.82.1.
Original Advisory: Sophos:
http://www.sophos.com/support/knowle...cle/50611.html ...

**AplusWebMaster** · 2008-12-22, 12:06

FYI...

Trend Micro HouseCall ActiveX vuln - update available
- http://secunia.com/advisories/31583/
Release Date: 2008-12-21
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Trend Micro HouseCall ActiveX Control 6.x, Trend Micro HouseCall Server 6.x
...Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in versions 6.51.0.1028 and 6.6.0.1278. Other versions may also be affected.
Solution: Remove the ActiveX control and install version 6.6.0.1285.
http://prerelease.trendmicro-europe.com/hc66/launch/

**AplusWebMaster** · 2009-01-15, 15:56

FYI...

Avira Antivir vuln - update available
- http://secunia.com/advisories/33541/
Release Date: 2009-01-15
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Avira AntiVir Personal Edition Classic 7.x, 8.x, Premium 7.x, Premium 8.x, Premium Security Suite 7.x, Server 6.x, UNIX MailGate 2.x, Workstation 7.x, 8.x, Premium Security Suite 7.x
...The vulnerabilities are caused due to errors in the handling of RAR files. These can be exploited to crash an affected program via a specially crafted RAR archive.
Solution: Update the scanning engine to versions 7.9.0.54, 8.2.0.54, or later.
Original Advisory: Avira:
http://forum.avira.com/wbb/index.php...threadID=81148 ...

**AplusWebMaster** · 2009-02-23, 12:20

FYI...

F-Secure Anti-Virus Client Security hotfix
- http://support.f-secure.com/enu/corp...hotfixes.shtml
Feb 17, 2009 - "Client Security Hotfix fsav744-06
F-Secure Client Security versions 7.12 * All supported platforms
...After having applied this hotfix, the product gains ability to handle USB-carried malware known under the following aliases: Downadup and Conficker.
Note: A reboot is not required after installing the hotfix..."

**AplusWebMaster** · 2009-04-03, 12:27

FYI...

ClamAV multiple vulns - update available
- http://secunia.com/advisories/34566/
Release Date: 2009-04-03
Critical: Moderately critical
Impact: Security Bypass, DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x ...
Solution: Update to version 0.95...
- http://www.clamav.net/download/sources

- http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog

- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1241
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1270
Last revised: 04/10/2009

**AplusWebMaster** · 2009-04-29, 14:23

FYI...

Symantec Alert Management System 2 multiple vulns - SYM09-007
- http://preview.tinyurl.com/dngt55
April 28, 2009 Symantec Security Advisories:
Remote Access: Yes
Local Access: Yes...
"The version of Alert Management System 2 (AMS2) used by some versions of Symantec System Center, Symantec Antivirus Server, and Symantec AntiVirus Central Quarantine Server contains four vulnerabilities... (see) Affected Products table... Updates have been released to address these issues..."
- http://secunia.com/advisories/34856/2/
Release Date: 2009-04-29
Critical: Moderately critical
Impact: Privilege escalation, System access
Where: From local network
Solution Status: Vendor Patch
Software: Symantec AntiVirus Corporate Edition 10.x, Symantec AntiVirus Corporate Edition 9.x, Symantec Client Security 2.x, Symantec Client Security 3.x, Symantec Endpoint Protection 11.x...

- http://preview.tinyurl.com/cacnwe
Symantec Security Advisories
4/28/09 - Symantec Alert Management System 2 multiple vulnerabilities - SYM09-007
4/28/09 - Symantec Log Viewer JavaScript Injection Vulnerabilities - SYM09-006
4/28/09 - Symantec Reporting Server Improper URL Handling Exposure - SYM09-008

**AplusWebMaster** · 2009-04-30, 22:38

FYI...

McAfee Security Bulletin - VirusScan Engine update fixes bypasses
- https://kc.mcafee.com/corporate/inde...tp=LIST_RECENT
April 29, 2009
• Description
There is an issue with engine DAT versions where specially crafted archive files could cause a scanning process to miss files within the archive. These archives are corrupt, but still functional by some end user archive programs. This could allow malware to bypass a scanner on a gateway. Users utilizing on-access scanning on endpoint devices should not be affected, as the scanner will see the files after the archive is opened. An attack, even if it is successful at bypassing the gateway, will have no lasting effect on the endpoint running an on-access scanner, which is the default and recommended way of running our Anti-Virus products. Updating to the latest product version will resolve this issue.
• Remediation
Overview: Download appropriate DAT file 5600 or later.
Obtaining the Binaries: http://www.mcafee.com/apps/downloads...pdates/dat.asp
• Workaround
All users should enable On-Access-Scanning on all endpoint devices. This is the default setting after installation. By using On-Access-Scanning, endpoints will catch any threats that may pass on gateway devices. McAfee has long supported a defense-in-depth strategy that includes running antivirus software on multiple points of your network, including gateways, file servers, and especially endpoints...

**AplusWebMaster** · 2009-05-07, 13:53

FYI...

F-Secure ZIP and RAR archives vulns
- http://secunia.com/advisories/35008/2/
Release Date: 2009-05-06
Critical: Not critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
Software: F-Secure Anti-Virus...
Solution: Apply patches. Please see the vendor's advisory for details...
Original Advisory: FSC-2009-1:
http://www.f-secure.com/en_EMEA/supp...sc-2009-1.html ...
2009-05-06

Thread: Multiple AV vendor vulns - archived

Thread Tools

Display

ClamAV vuln - update available

F-Secure Anti-Virus Client Security hotfix

ClamAV multiple vulns - update available

Symantec - SYM09-007

McAfee Security Bulletin - VirusScan Engine update fixes bypasses

F-Secure ZIP and RAR archives vulns

Posting Permissions