lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Dec 2008 13:17:09 +0530 From: "iViZ Security Advisories" <advisories@...zsecurity.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass On Wed, Dec 10, 2008 at 5:39 PM, iViZ Security Advisories <advisories@...zsecurity.com> wrote: > ----------------------------------------------------------------------- > [ iViZ Security Advisory 08-016 10/12/2008 ] > ----------------------------------------------------------------------- > iViZ Techno Solutions Pvt. Ltd. > http://www.ivizsecurity.com > ----------------------------------------------------------------------- > > * Title: F-Secure f-prot Antivirus for Linux corrupted ELF header > Security Bypass. > * Date: 10/12/2008 > * Software: f-prot version 4.6.8 for GNU/Linux > > --[ Synopsis: > > It is possible to protect an ELF binary against > f-prot by corrupting its ELF header, while letting > the binary completely functional. F-prot will crash > when analyzing the file, letting the possible malware > undetected. > > --[ Affected Software: > > * f-prot version 4.6.8 for GNU/Linux > > --[ Impact: > > Remote DoS, possibly remote code execution. > > --[ Vendor response: > > * No vendor response > > --[ Credits: > > This vulnerability was discovered by Security Researcher > Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd. > > --[ Disclosure timeline: > > * First private disclosure to vendor on September 1st 2008. > > --[ Reference: > > http://www.ivizsecurity.com/security-advisory.html > Hi, This is to correct our previous advisory IVIZ-08-016 published on December 10, 2008. The advisory mentions F-Secure by mistake instead of just F-Prot. F-Secure product is not affected by the vulnerability mentioned in the advisory. The updated advisory reflecting the changes is available at: http://www.ivizsecurity.com/security-advisory-iviz-sr-08016.html -- iViZ Security Research Team http://www.ivizsecurity.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists