c.m.g
13-02-2008, 17:59
13 febbraio 2008
La società di sicurezza Secunia (http://secunia.com) ha riportato un advisory (SA28919 (http://secunia.com/advisories/28919/)), giudicata Less critical, in cui si spiega che Thierry Zoller del n.runs AG. ha trovato una vulnerabilità in vari prodotti F-Secure che può essere usato da un malware per bypassare le funzionalità di scansione.
La vulnerabilità è causata da un errore di manipolazione dei files CAB e RAR da parte dei software citati che può essere usato da malware per bypassare le funzionalità di scanning, specialmente in file .rar o .cab creato ad hoc da malintenzionati.
Nello specifico, questi sono i Software ed i relativi sistemi operativi colpiti da questo bug:
F-Secure Anti-Virus 2006
F-Secure Anti-Virus 2007
F-Secure Anti-Virus 2008
F-Secure Anti-Virus Client Security 6.x
F-Secure Anti-Virus Client Security 7.x
F-Secure Anti-Virus for Citrix Servers 5.x
F-Secure Anti-Virus for Linux 4.x
F-Secure Anti-Virus for Microsoft Exchange 6.x
F-Secure Anti-Virus for Microsoft Exchange 7.x
F-Secure Anti-Virus for MIMEsweeper 5.x
F-Secure Anti-Virus for Windows Servers 5.x
F-Secure Anti-Virus for Windows Servers 7.x
F-Secure Anti-Virus for Workstations 5.x
F-Secure Anti-Virus for Workstations 7.x
F-Secure Anti-Virus Linux Client Security 5.x
F-Secure Anti-Virus Linux Server Security 5.x
F-Secure Internet Gatekeeper 6.x
F-Secure Internet Gatekeeper for Linux 2.x
F-Secure Internet Security 2006
F-Secure Internet Security 2007
F-Secure Internet Security 2008
I prodotti nello specifico sono:
* F-Secure Internet Security 2008
* F-Secure Internet Security 2007 Second Edition
* F-Secure Internet Security 2007
* F-Secure Internet Security 2006
* F-Secure Anti-Virus 2008
* F-Secure Anti-Virus 2007, v.7.02
* F-Secure Anti-Virus 2007
* F-Secure Anti-Virus 2006
* F-Secure Anti-Virus Client Security 7.10
* F-Secure Anti-Virus Client Security 7.01
* F-Secure Anti-Virus Client Security 6.03
* F-Secure Anti-Virus Client Security 6.02
* F-Secure Anti-Virus for Workstations 7.10
* F-Secure Anti-Virus for Workstations 7.00
* F-Secure Anti-Virus for Workstations 5.44
* F-Secure Anti-Virus Linux Client Security 5.53
* F-Secure Anti-Virus Linux Client Security 5.52
* F-Secure Anti-Virus for Linux 4.65
* Solutions based on F-Secure Protection Service for Consumers version 7.00 and earlier
* Solutions based on F-Secure Protection Service for Business version 3.00 and earlier
* F-Secure Anti-Virus for Windows Servers 7.00
* F-Secure Anti-Virus for Windows Servers 5.52
* F-Secure Anti-Virus for Citrix Servers 5.52
* F-Secure Anti-Virus Linux Server Security 5.53
* F-Secure Anti-Virus Linux Server Security 5.52
* F-Secure Anti-Virus for Microsoft Exchange 7.0
* F-Secure Anti-Virus for Microsoft Exchange 6.62
* F-Secure Internet Gatekeeper 6.61, Windows
* F-Secure Internet Gatekeeper for Linux 2.16
* F-Secure Anti-Virus for MIMEsweeper 5.61
* F-Secure Messaging Security Gateway 4.0.7 and earlier
Soluzione:
Applicare le patch di riferimenti per ciascun prodotto, seguire l'advisory originale per maggiori info.
Original Advisory:
http://www.f-secure.com/security/fsc-2008-1.shtml
Fonte: Secunia (http://secunia.com/advisories/28919/)
La società di sicurezza Secunia (http://secunia.com) ha riportato un advisory (SA28919 (http://secunia.com/advisories/28919/)), giudicata Less critical, in cui si spiega che Thierry Zoller del n.runs AG. ha trovato una vulnerabilità in vari prodotti F-Secure che può essere usato da un malware per bypassare le funzionalità di scansione.
La vulnerabilità è causata da un errore di manipolazione dei files CAB e RAR da parte dei software citati che può essere usato da malware per bypassare le funzionalità di scanning, specialmente in file .rar o .cab creato ad hoc da malintenzionati.
Nello specifico, questi sono i Software ed i relativi sistemi operativi colpiti da questo bug:
F-Secure Anti-Virus 2006
F-Secure Anti-Virus 2007
F-Secure Anti-Virus 2008
F-Secure Anti-Virus Client Security 6.x
F-Secure Anti-Virus Client Security 7.x
F-Secure Anti-Virus for Citrix Servers 5.x
F-Secure Anti-Virus for Linux 4.x
F-Secure Anti-Virus for Microsoft Exchange 6.x
F-Secure Anti-Virus for Microsoft Exchange 7.x
F-Secure Anti-Virus for MIMEsweeper 5.x
F-Secure Anti-Virus for Windows Servers 5.x
F-Secure Anti-Virus for Windows Servers 7.x
F-Secure Anti-Virus for Workstations 5.x
F-Secure Anti-Virus for Workstations 7.x
F-Secure Anti-Virus Linux Client Security 5.x
F-Secure Anti-Virus Linux Server Security 5.x
F-Secure Internet Gatekeeper 6.x
F-Secure Internet Gatekeeper for Linux 2.x
F-Secure Internet Security 2006
F-Secure Internet Security 2007
F-Secure Internet Security 2008
I prodotti nello specifico sono:
* F-Secure Internet Security 2008
* F-Secure Internet Security 2007 Second Edition
* F-Secure Internet Security 2007
* F-Secure Internet Security 2006
* F-Secure Anti-Virus 2008
* F-Secure Anti-Virus 2007, v.7.02
* F-Secure Anti-Virus 2007
* F-Secure Anti-Virus 2006
* F-Secure Anti-Virus Client Security 7.10
* F-Secure Anti-Virus Client Security 7.01
* F-Secure Anti-Virus Client Security 6.03
* F-Secure Anti-Virus Client Security 6.02
* F-Secure Anti-Virus for Workstations 7.10
* F-Secure Anti-Virus for Workstations 7.00
* F-Secure Anti-Virus for Workstations 5.44
* F-Secure Anti-Virus Linux Client Security 5.53
* F-Secure Anti-Virus Linux Client Security 5.52
* F-Secure Anti-Virus for Linux 4.65
* Solutions based on F-Secure Protection Service for Consumers version 7.00 and earlier
* Solutions based on F-Secure Protection Service for Business version 3.00 and earlier
* F-Secure Anti-Virus for Windows Servers 7.00
* F-Secure Anti-Virus for Windows Servers 5.52
* F-Secure Anti-Virus for Citrix Servers 5.52
* F-Secure Anti-Virus Linux Server Security 5.53
* F-Secure Anti-Virus Linux Server Security 5.52
* F-Secure Anti-Virus for Microsoft Exchange 7.0
* F-Secure Anti-Virus for Microsoft Exchange 6.62
* F-Secure Internet Gatekeeper 6.61, Windows
* F-Secure Internet Gatekeeper for Linux 2.16
* F-Secure Anti-Virus for MIMEsweeper 5.61
* F-Secure Messaging Security Gateway 4.0.7 and earlier
Soluzione:
Applicare le patch di riferimenti per ciascun prodotto, seguire l'advisory originale per maggiori info.
Original Advisory:
http://www.f-secure.com/security/fsc-2008-1.shtml
Fonte: Secunia (http://secunia.com/advisories/28919/)