|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA16488] HAURI Anti-Virus ACE Archive Handling Buffer Overflow
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Wed Aug 24 2005 - 03:36:25 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
HAURI Anti-Virus ACE Archive Handling Buffer Overflow
SECUNIA ADVISORY ID:
SA16488
VERIFY ADVISORY:
http://secunia.com/advisories/16488/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
HAURI LiveCall
http://secunia.com/product/5448/
ViRobot Advanced Server
http://secunia.com/product/5556/
ViRobot Expert 4.x
http://secunia.com/product/5557/
ViRobot Linux Server 2.x
http://secunia.com/product/2048/
DESCRIPTION:
Secunia Research has discovered a vulnerability in various HAURI
anti-virus products, which can be exploited by malicious people to
compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the ACE
archive decompression library (vrAZace.dll) when extracting an
archive. This can be exploited to cause a stack-based buffer overflow
when scanning a malicious ACE archive containing a compressed file
with a filename longer than 272 characters.
Successful exploitation allows execution of arbitrary code, but
requires that compressed file scanning is enabled.
The vulnerability is related to:
SA14359
The vulnerability has been confirmed in the following products:
* ViRobot Expert 4.0
* ViRobot Advanced Server
* ViRobot Linux Server 2.0
* HAURI LiveCall
SOLUTION:
Apply patches.
ViRobot Linux Server 2.0:
http://www.globalhauri.com/html/download/down_unixpatch.html
ViRobot Expert 4.0 / ViRobot Advanced Server:
Update to the latest version via online update (vrazmain.dll version
5.8.22.137).
HAURI LiveCall:
Update to the latest version by visiting the vendor's LiveCall
website (vrazmain.dll version: 5.8.22.137).
PROVIDED AND/OR DISCOVERED BY:
Tan Chew Keong, Secunia Research.
ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2005-33/advisory/
OTHER REFERENCES:
SA14359:
http://secunia.com/advisories/14359/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]