NOD32 Antivirus Detected File Action Buffer Overflow
Vulnerabilities
Secunia Advisory: SA25375
Release Date: 2007-05-23
Last Update: 2007-06-01
Critical: Moderately critical
Impact: Privilege escalation
System access Where: From remote
Solution Status: Vendor Patch
Software: NOD32 for Windows NT/2000/XP/2003 2.x
CVE reference: CVE-2007-2852 (Secunia mirror)
Description:
Ismael Briones has reported two vulnerabilities in Nod32
Antivirus,
which potentially can be exploited by malicious users to
gain escalated
privileges, or by malicious people to compromise a
vulnerable system.
The vulnerabilities are caused due to boundary errors when
performing
actions on a detected file (e.g. "Rename" or
"Delete). These can be
exploited to cause stack-based buffer overflows when
performing certain
actions on a detected file with an overly long, specially
crafted path name.
Successful exploitation may allow execution of arbitrary
code.
The vulnerabilities are reported in versions prior to
2.70.37.
Solution:
Update to version 2.70.39.
http://www.eset.com/download/registered_software.php
Provided and/or discovered by:
Ismael Briones
Changelog:
2007-05-24: Updated advisory title and description.
2007-06-01: Added CVE reference.
Original Advisory:
ESET:
http://www.eset.
com/support/news.php
Ismael Briones:
http://www.inkatel.com/wp-content/uploads/2007/05/
Advisory.txt
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|
