On Wed, Dec 10, 2008 at 5:39 PM, iViZ Security Advisories <[email protected]> wrote: > ----------------------------------------------------------------------- > [ iViZ Security Advisory 08-016 10/12/2008 ] > ----------------------------------------------------------------------- > iViZ Techno Solutions Pvt. Ltd. > http://www.ivizsecurity.com > ----------------------------------------------------------------------- > > * Title: F-Secure f-prot Antivirus for Linux corrupted ELF header > Security Bypass. > * Date: 10/12/2008 > * Software: f-prot version 4.6.8 for GNU/Linux > > --[ Synopsis: > > It is possible to protect an ELF binary against > f-prot by corrupting its ELF header, while letting > the binary completely functional. F-prot will crash > when analyzing the file, letting the possible malware > undetected. > > --[ Affected Software: > > * f-prot version 4.6.8 for GNU/Linux > > --[ Impact: > > Remote DoS, possibly remote code execution. > > --[ Vendor response: > > * No vendor response > > --[ Credits: > > This vulnerability was discovered by Security Researcher > Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd. > > --[ Disclosure timeline: > > * First private disclosure to vendor on September 1st 2008. > > --[ Reference: > > http://www.ivizsecurity.com/security-advisory.html >
Hi, This is to correct our previous advisory IVIZ-08-016 published on December 10, 2008. The advisory mentions F-Secure by mistake instead of just F-Prot. F-Secure product is not affected by the vulnerability mentioned in the advisory. The updated advisory reflecting the changes is available at: http://www.ivizsecurity.com/security-advisory-iviz-sr-08016.html -- iViZ Security Research Team http://www.ivizsecurity.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
