Description
F-Secure reported multiple security vulnerabilities
in its anti-virus products for customer
and enterprise users. By exploiting
these vulnerabilities attackers can
inject and execute malicious code or
crash the service using crafted executable
files or archives.
1) Buffer overflow vulnerability in handling of specially crafted
LHA archives
- Several F-Secure products have a buffer overflow vulnerability
in processing LHA archives. This may allow an attacker to execute
arbitrary code or to create a denial-of-service condition. This vulnerability
is related to a similar vulnerability in GZIP program's handling
of LZH-compressed archives.
2) IOCTL vulnerability in Real-time Scanning component of F-Secure
workstation and file server products for Windows
- IOCTL (Input/Output Control) vulnerability in Real-time Scanning
component may allow an attacker to gain elevated privileges to the
system.
3) Vulnerabilities in scanning of specially crafted archives and
certain packed executables
- Specially crafted archives and packed executables set antivirus
scanning to loop.
4) Denial of service vulnerability in F-Secure Policy Manager Server
host module
- F-Secure Policy Manager Server has denial of service vulnerability
in fsmsh.dll host module. This may allow an attacker to execute denial
of service code in F-Secure Policy Manager Server.
Product
affected
F-Secure Anti-Virus for Workstations version 5.44 and
earlier
F-Secure Anti-Virus for Windows Servers version 5.52 and earlier
F-Secure Anti-Virus for Citrix Servers version 5.52
F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlier
F-Secure Anti-Virus Client Security version 6.03 and earlier
F-Secure Anti-Virus for MS Exchange version 6.40 and earlier
F-Secure Internet Gatekeeper version 6.60 and earlier
F-Secure Internet Security 2005, 2006 and 2007
F-Secure Anti-Virus 2005, 2006 and 2007
Solutions based on F-Secure Protection Service for Consumers version
6.40 and earlier
F-Secure Anti-Virus for Linux Servers version 4.65 and earlier
F-Secure Anti-Virus for Linux Gateways version 4.65 and earlier
F-Secure Anti-Virus Linux Client Security 5.30 and earlier
F-Secure Anti-Virus Linux Server Security 5.30 and earlier
F-Secure Internet Gatekeeper for Linux 2.16 and earlier
Solution
Hotfix was released in last week. It is recommends
customers to install the hotfix on affected F-Secure system.
- Buffer overflow vulnerability in handling of specially crafted
LHA archives, pls refer to F-Secure Security Bulletin FSC-2007-1
- IOCTL vulnerability in Real-time Scanning component of F-Secure
workstation and file server products for Windows, pls refer to F-Secure
Security Bulletin FSC-2007-2
- Vulnerabilities
in scanning of specially crafted archives and certain packed executables,
pls refer to F-Secure
Security Bulletin FSC-2007-3
- Denial of service vulnerability in F-Secure Policy Manager Server
host module, pls refer to F-Secure Security Bulletin FSC-2007-4
Source
F-Secure
|
Enquiry
Hotline: 2102 5894 Email: