F-Secure Products Security Bypass Vulnerability (Linux) Network Vulnerability

Summary

This host is installed with F-Secure Product and is prone to Security Bypass vulnerability.

Impact

Successful attacks can allow attackers to bypass scanning detection and possibly launch further attacks on the vulnerable system. Impact Level: Application

Solution

Apply patch or Upgrade to Higher version http://www.f-secure.com/en_EMEA/downloads http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html

Insight

Error in the file parsing engine can be exploited to bypass the anti-virus scanning functionality via a specially crafted ZIP or RAR file.

Affected

F-Secure Linux Security prior to 7.03 build 81803 F-Secure Internet Gatekeeper for Linux prior to 3.02 build 1221 F-Secure Anti-Virus Linux Client and Server Security 5.54 and prior

References

http://secunia.com/advisories/35008
http://www.vupen.com/english/advisories/2009/1262
http://xforce.iss.net/xforce/xfdb/50346

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1782
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

JRun Sample Files
SMTP server on a strange port
IIS Possible Compromise
F-Secure Products Security Bypass Vulnerability (Linux)
F-Secure Products Malware Detection Bypass Vulnerability (Win)

Take action and discover your vulnerabilities