| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Dec 2006 12:50:17 +0100 From: <security@...ns.com> To: "'BugTraq'" <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk> Subject: NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory n.runs AG http://www.nruns.com/ security at nruns.com n.runs-SA-2006.005 21-Dec-2006 ________________________________________________________________________ Vendor: ESET, http://eset.com Affected Products: ESET NOD32 Antivirus Vulnerability: Arbitrary Code Execution (remote) Risk: HIGH ________________________________________________________________________ Vendor communication: 2006/08/24 initial notification of ESET 2006/08/28 ESET Response 2006/08/29 PGP keys exchange 2006/08/29 PoC files sent to ESET 2006/09/06 ESET initial feedback. 2006/09/08 ESET confirmed the bug and fixed 2006/09/08 ESET made available the updates ________________________________________________________________________ Overview: Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET's award-winning, antivirus software system, NOD32, provides real-time protection from known and unknown viruses, spyware, rootkits and other malware. NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100% Awards than any other antivirus product. ESET was named to Deloitte's Technology Fast 500 five years running, and has an extensive partner network, including corporations like Canon, Dell and Microsoft. ESET has offices in Bratislava, SK; Bristol, U.K.; Buenos Aires, AR; Prague, CZ; San Diego, USA; and is represented worldwide in more than 100 countries. The broad product platform protects Windows, Linux, Novell and MS DOS machines. Description: A remotely exploitable vulnerability has been found in the file parsing engine. In detail, the following flaw was determined: - Heap Overflow through Integer Overflow in .CAB file parsing This problem can lead to remote arbitrary code execution if an attacker carefully crafts a file that exploits the aforementioned vulnerability. The vulnerability is present in NOD32 Antivirus software versions prior to the update v.1.1743. Solution: The vulnerability was reported on Aug 24 and an update has been issued on Sep 08 to solve this vulnerability through the regular update mechanism. ________________________________________________________________________ Credit: Bugs found by Sergio Alvarez of n.runs AG. ________________________________________________________________________ The information provided is released by n.runs "as is" without warranty of any kind. n.runs except all warranties, either express or implied, expect for the warranties of merchantability. In no event shall n.runs be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if n.runs has been advised of the possibility of such damages. Distribution or Reproduction of the information is provided that the advisory is not modified in any way. Copyright 2006 n.runs. All rights reserved. Terms of use. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists