Avast antivirus for Linux multiple vulnerabilities

2009-07-05 / 2009-07-06
Credit: iViZ
Risk: Medium
Local: Yes
Remote: No
CWE: CWE-119


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

----------------------------------------------------------------------- [ iViZ Security Advisory 08-013 10/12/2008 ] ----------------------------------------------------------------------- iViZ Techno Solutions Pvt. Ltd. http://www.ivizsecurity.com ----------------------------------------------------------------------- * Title: Avast antivirus for Linux multiple vulnerabilities. * Date: 10/12/2008 * Software: Avast for Workstations v1.0.8 --[ Synopsis: Multiple buffer overflows were discovered in the GNU/Linux version of Avast when analyzing corrupted ISO and RPM files. --[ Affected Software: * Avast for Workstations v1.0.8 Trial versions, possibly others. --[ Impact: Remove DoS, possibly remote code execution. --[ Vendor response: * On September 24th 2008, the vendor stated : "With (the) mentioned version of avast4workstation 1.0.8_2, indeed, this bug existed. It was a stack-overflow, caused by cycling over intertwined directories on corrupted ISO files. All versions built since 22.1.2008 have this fixed. Thanks for your report." --[ Credits: This vulnerability was discovered by Security Researcher Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd. --[ Disclosure timeline: * First private disclosure to vendor on September 18th 2008. * First vendor reply on September 19th 2008. * On September 23th 2008, the vendor claims to have fixed the problem : "my colleague identified the problem few minutes ago as a bug which was fixed 22. Jan 2008." * On October 15th 2008, the vulnerable trial version link hasn't been updated: http://download664.avast.com/files/linux/avast4workstation_1.0.8-2_i386. deb --[ Reference: http://www.ivizsecurity.com/security-advisory.html

References:

http://www.securityfocus.com/bid/32747


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top