|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : WLB-2008070049 | ||||||
 SecurityAlert : None
Credit : Juan Pablo Lopez Yacubian SecurityRisk : Medium  (About) Remote : No Local : Yes Status : Bug History : [2008-07-24] Started Affected software : Outpost Security Suite Pro ver. 2009 Text : Application: Outpost Security Suite Pro ver. 2009 OS: Windows Xp (All patches a day) ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description Outpost Security Suite is a software application that contains several security, including anti-virus and is mainly a firewall but also includes an anti-spam and content control. ------------------------------------------------------ Vulnerability The vulnerability is that when using certain special characters such as file name could be left without protection for the system. The first flaw is used as a special character file name, making this could evade antivirus protection and make a file already detected by the antiviru not be detected. The second flaw is that using a certain amount of special characters such as filename to run a program that this blocked by the firewall, the firewall to detect the file, it would break the firewall and would continue to be running malicious file without restrictions. In the latter case exceptions vary depending on the type of characters which are used for example here there are two different results. Aplicación con errores: acs.exe, versión: 6.5.2358.9115, módulo con error: ntdll.dll, versión 5.1.2600.2180, dirección de error 0x000111de. Aplicación con errores: acs.exe, versión: 6.5.2358.9115, módulo con error: kernel32.dll, versión 5.1.2600.3119, dirección de error 0x0000bd85. Aplicación con errores: acs.exe, versión: 6.5.2358.9115, módulo con error: firewall.ofp, versión 6.5.2358.9115, dirección de error 0x000350b3. ------------------------------------------------------ POC/EXPLOIT To evade the virus requires the following character. ASCII:  HEX: 26 23 31 32 32 38 38 3b To perform the test to fail the firewall will require the following. ASCII:� � � ‣ ․ ‥ � HEX: 86 20 87 20 95 20 26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20 26 23 38 32 32 39 3b 20 85 Note: In the case of evasion of anti-virus testing must be done with a file detected by antivirus and firewall in the case obviously does not have a file that would make connections. ------------------------------------------------------ Juan Pablo Lopez Yacubian If you want change this note, please use UCP
|
||||||
| Alert | ||
*BSD libc (strfmon) Multiple vulnerabilities
Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected *BSD systems. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP 5.2.5 and prior : |
||
- 2008-03-25| Copyright © SecurityReason. All Rights Reserved. |