Jump to content


Photo

Multiple AV vendor vulns - updates available


  • Please log in to reply
146 replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 24 July 2007 - 04:15 AM

FYI...

> http://atlas.arbor.n...ndex#1027704494
Panda Antivirus EXE File Parsing Buffer Overflow Vulnerability
Severity: High Severity
Published: July 23, 2007
Panda AV is vulnerable to a buffer overflow when processing Windows EXE files. The error comes in an integer cast when parsing EXE header data. A malicious attacker could send the victim a malformed EXE file to be processed by Panda AV. This would then allow the attacker to run arbitrary code on the victim's computer. Updates have been made available.
Analysis: This is a similar issue to the Eset NOD32 file processing issue and nearly a dozen such vulnerabilities recently. We believe that this trend will continue for some time.
Source: http://secunia.com/advisories/26171/

NOD32 Antivirus Multiple File Processing Vulnerabilities
Severity: High Severity
Published: July 23, 2007
Eset NOD32 antivirus is vulnerable to file processing vulnerabilities that could be abused by a remote attacker to compromise a system. The AV software has problems processing CAB, ASPack, and FSG packed files. Malformed files could be sent to a victim to be processed by NOD32 and then run arbitrary code on the server. Eset has issued updated software to address this issue.
Analysis: This is another AV vulnerability in handling files. We do not expect it to be the last one, in this package or any other AV package.
Source: http://secunia.com/advisories/26124/

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#2 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 25 July 2007 - 11:15 AM

FYI...

CA AV and other multiple products vuln - updates available
- http://secunia.com/advisories/26155/
Release Date: 2007-07-25
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch ...
Description: Two vulnerabilities have been reported in various CA products, which can be exploited by malicious people to cause a DoS...

(See the advisory for the long list of affected products.)

Also see: http://secunia.com/advisories/26190/
Release Date: 2007-07-25
Critical: Moderately critical
Impact: System access
Where: From local network
Solution Status: Vendor Patch
...The vulnerability affects all versions of the CA Message Queuing software prior to v1.11 Build 54_4 on Windows and Netware..."

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#3 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 22 August 2007 - 11:52 AM

FYI...

ClamAV multiple vulns - update available
- http://secunia.com/advisories/26530/
Release Date: 2007-08-22
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x...
Solution:
Update to version 0.91.2.
- http://sourceforge.n...lease_id=533658
2007-08-21


Trend Micro ServerProtect multiple vulns - update available
- http://secunia.com/advisories/26523/
Release Date: 2007-08-22
Critical: Moderately critical
Impact: System access
Where: From local network
Solution Status: Vendor Patch
Software: Trend Micro ServerProtect for Windows/NetWare 5.x...
Solution: Apply Security Patch 4 - Build 1185.
http://www.trendmicr...uritypatch4.exe
Original Advisory: Trend Micro:
http://www.trendmicr...tch4_readme.txt

Also see: http://secunia.com/advisories/26557/
Software: Trend Micro Anti-Spyware 3.x, Trend Micro PC-cillin Internet Security 2007

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#4 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 24 August 2007 - 07:45 AM

FYI...

Sophos AV vuln - update available
- http://secunia.com/advisories/26580/
Release Date: 2007-08-24
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Sophos Anti-Virus...
The vulnerabilities are reported in Sophos Anti-Virus with engine versions prior to 2.48.0.
Solution: Update to engine version 2.48.0 or later...
Original Advisory: http://www.sophos.co...icle/28407.html
http://www.sophos.co...icle/14244.html ...

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#5 hornet777

hornet777

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 607 posts

Posted 25 August 2007 - 06:16 PM

re: ClamAV vuln:
ClamWin has begun an incremental programme upgrade that is much smaller than the full install, and significantly smaller than the "nosig" install too. It is available by selecting Check Latest Version in the Help menu. FYI.

/xposed a misspelling

Edited by hornet777, 25 August 2007 - 06:17 PM.

After all is invested in correctness, then how does it stand with truth?

#6 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 07 September 2007 - 05:42 AM

FYI...

Sophos AV vuln - updates available
- http://secunia.com/advisories/26714/
Release Date: 2007-09-07
Critical: Moderately critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch
Software: Sophos Anti-Virus 7.x, Sophos Anti-Virus for Windows 6.x
...The vulnerability is reported in versions 6.x and 7.0.0.
Solution: Update to versions 6.5.8 or later, or 7.0.1 or later. The vendor also recommends users of version 6.x to upgrade to version 7.
Original Advisory:
http://www.sophos.co...icle/29150.html

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#7 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 08 September 2007 - 05:15 AM

FYI...

AOL AV changes...
- http://isc.sans.org/...ml?storyid=3360
Last Updated: 2007-09-08 01:29:38 UTC - "...It appears that AOL has switched from Kaspersky to McAfee and are now distributing "McAfee Virus Scan Plus-Special edition from AOL" according to this page*. It isn't entirely clear how (or if) this was communicated to the folks using the Kaspersky software. If you follow the link at the bottom of the page it looks like the old software may still get updates if you point back to a Kaspersky site, but that isn't entirely clear and I was unable to find anyone to answer that question for sure today (I'll update the story if I get more info). Without some action by the user, however, it appears that they will now be unprotected, which is unfortunate. In the meantime, if you have an AOL e-mail address, you can still get free anti-virus software from here**..."

* http://www.activevir...reeav/index.adp

** http://safety.aol.co.../BasicSecurity/

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#8 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 26 September 2007 - 06:28 AM

FYI...

Kaspersky AV DoS vuln - update 11.2007
- http://secunia.com/advisories/26887/
Last Update: 2007-09-25
Critical: Not critical
Impact: DoS
Where: Local system
Solution Status: Unpatched
Software: Kaspersky Anti-Virus 6.x
Kaspersky Anti-Virus 7.x
Kaspersky Internet Security 6.x
Kaspersky Internet Security 7.x
...The vulnerabilities are reported in version 7.0 build 125. Other versions may also be affected.
Solution: The vendor is reportedly working on an update to be released November 2007.
Original Advisory: Kaspersky:
http://www.kaspersky...ws?id=203038706
"...This is not the first time that this author has failed to notify us about a vulnerability before making it public, despite the fact that notifying the vendor first is de facto an industry standard..."

> http://nvd.nist.gov/...e=CVE-2007-5043

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#9 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 11 October 2007 - 03:59 AM

FYI...

Kaspersky Online Scanner ActiveX Vuln
- http://secunia.com/advisories/27187/
Release Date: 2007-10-11
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Kaspersky Online Scanner 5.x
...The vulnerability affects versions 5.0.93.1 and prior.
Solution: Update to version 5.0.98.0.
http://www.kaspersky...kavwebscan.html ...
Original Advisory: Kaspersky:
http://www.kaspersky...ws?id=207575572 ...

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#10 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 21 November 2007 - 05:48 AM

FYI...

BitDefender Online Scanner ActiveX vuln - update available
- http://secunia.com/advisories/27717/
Release Date: 2007-11-21
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
...Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 8.0. Other versions may also be affected.
Solution: Update to the latest version (OScan82.ocx).
http://www.bitdefend...m/scan8/ie.html

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#11 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 05 December 2007 - 10:06 AM

FYI...

avast! vuln - update available
- http://secunia.com/advisories/27929/
Last Update: 2007-12-06
Critical: Highly critical
Impact: Unknown
Where: From remote
Solution Status: Vendor Patch
Software: avast! Home/Professional 4.x
...The vulnerability is reported in versions prior to 4.7.1098.
Solution: Update to version 4.7.1098.
http://www.avast.com/eng/download.html ...
Original Advisory:
http://www.avast.com...on-history.html

.

Edited by apluswebmaster, 06 December 2007 - 05:48 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#12 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 12 December 2007 - 05:52 AM

FYI...

Trend Micro AV plus AS 2008, Internet Security 2008, Internet Security Pro 2008
- http://esupport.tren...ntentID=1036464
12/10/07 - "...Remote memory corruption... long bogus file names from malformed ZIP files... Vulnerability only affects users with English Versions of TIS16 (Trend Micro Internet Security Pro, Trend Micro Internet Security/Virus Buster 2008) and TAV16 (TrendMicro Antivirus plus AntiSpyware 2008) build #1450 and older... You can download the TIS16.0 English language security patch here..."

> http://secunia.com/advisories/28038/

:ph34r:

Edited by apluswebmaster, 14 December 2007 - 10:48 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#13 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 19 December 2007 - 08:09 AM

FYI...

Clam AV vuln - update available
- http://secunia.com/advisories/28117/
Release Date: 2007-12-19
Critical: Highly critical
Impact: DoS, System access
Where: From remote
...The vulnerability is reported in versions prior to 0.92...
Solution: Update to version 0.92.

> http://www.clamav.org/
ClamAV Virus Databases: main.cvd ver. released on 09 Dec 2007 15:50 +0000

> http://www.clamwin.com/
The latest version of Clamwin Free Antivirus is 0.91.2

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#14 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 21 December 2007 - 11:23 AM

FYI...

- http://www.heise-sec...articles/100965
21.12.2007 - "...The list of manufacturers of antivirus software with critical security problems reads like a Who's Who of the industry: the blacklist of Zoller and Alvarez includes Avast, Avira, BitDefender, CA, ClamAV, Eset NOD32, F-Secure, Grisoft AVG, Norman, Panda and Sophos. iDefense uncovered critical buffer overflows in Kaspersky's scanner, McAfee's VirusScan and Trend Micro's security products. Secunia found the same thing in Symantec's E-mail Security, and ISS/IBM XForce caught out Microsoft's security products. All of these appeared just this year, and the list is by no means complete: the n.runs specialists alone say they have discovered more than 80 critical holes and passed them on to the manufacturers. As far as they know, only some thirty of them have been closed so far..."

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#15 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 January 2008 - 04:53 AM

FYI...

McAfee E-Business Svr vuln - update available
- http://secunia.com/advisories/28408/
Release Date: 2008-01-10
Critical: Moderately critical
Impact: System access, DoS
Where: From local network
Solution Status: Vendor Patch
Software: McAfee e-Business Server 8.x
...The vulnerability affects versions 8.5.2 and prior on Windows.
Solution: Update to version 8.5.3.
Original Advisory: McAfee:
https://knowledge.mc...SAL_Public.html

.
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#16 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 13 February 2008 - 09:56 PM

FYI...

ClamAV multiple vulns - update available
- http://secunia.com/advisories/28907/
Release Date: 2008-02-12
Last Update: 2008-02-13
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x
...The vulnerabilities are reported in versions prior to 0.92.1.
Solution: Update to version 0.92.1...
Original Advisory:
http://sourceforge.n...lease_id=575703 ...

- http://nvd.nist.gov/...e=CVE-2007-6595

- http://nvd.nist.gov/...e=CVE-2008-0318

- http://nvd.nist.gov/...e=CVE-2008-0728

:ph34r:

Edited by apluswebmaster, 19 February 2008 - 07:30 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#17 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 22 February 2008 - 11:31 AM

FYI...

F-Secure vuln - hotfix available
- http://www.f-secure....sc-2008-1.shtml
Last updated: 2008-02-19 ...
Risk Factor: High
The gateway passes archives unscanned
Mitigating Factors:
* Exploitation of these vulnerabilities requires specially crafted archives
* The CAB issue has been fixed automatically in F-Secure database updates, while fixing the RAR archive scanning requires installing the hotfix..."

(More detail at the URL above.)

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#18 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 27 February 2008 - 05:44 AM

FYI...

Symantec RAR File vulns - updates available
- http://secunia.com/advisories/29140/
Release Date: 2008-02-27
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Symantec AntiVirus for Network Attached Storage 4.x
Symantec AntiVirus Scan Engine 4.x
Symantec AntiVirus/Filtering for Domino 3.x
Symantec Mail Security for Exchange 4.x
Symantec Mail Security for Microsoft Exchange 5.x
Symantec Scan Engine 5.x...
Original Advisory: SYM08-006:
http://www.symantec....2008.02.27.html ...
"...to ensure all available updates have been applied, users can manually launch and run LiveUpdate..."

.

Edited by apluswebmaster, 27 February 2008 - 05:45 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#19 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 March 2008 - 11:15 AM

FYI...

Panda vuln - updates available
- http://secunia.com/advisories/29311/
Release Date: 2008-03-10
Critical: Less critical
Impact: Privilege escalation, DoS
Where: Local system
Solution Status: Vendor Patch
Software: Panda Antivirus + Firewall 2008, Panda Internet Security 2008 ...
Solution: Apply hotfix.
Panda Internet Security 2008 (hfp120801s1.exe):
http://www.pandasecu...hfp120801s1.exe
Panda Antivirus + Firewall 2008 (hft70801s1.exe):
http://www.pandasecu.../hft70801s1.exe ...
Original Advisory: Panda:
http://www.pandasecu...amp;ref=ProdExp
http://www.pandasecu...amp;ref=ProdExp ...
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#20 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 17 March 2008 - 11:01 AM

FYI...

F-Secure Security Advisory FSC-2008-2
- http://www.f-secure....s/00001404.html
March 17, 2008 - "...The Secure Programming Group at Oulu University has created a collection of malformed archive files. These archive files break and crash products from at least 40 vendors - including several antivirus vendors...including us. We've fixed a long list of our products to resolve these issues. Home users will get these fixes via the normal update system and they don't have to do anything... Our guidance here is the same as for patches from any other vendor: Patch now before someone figures out how to exploit the vulnerability. At the moment we are not aware of any public exploit methods for these vulnerabilities. For more information, please consult F-Secure Security Advisory FSC-2008-2* and CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats**."
* http://www.f-secure....sc-2008-2.shtml
(Hotfixes/patches available)

** https://www.cert.fi/...ve-formats.html
17 March 2008 - "...The vulnerabilities described in this advisory can potentially affect programs that handle the archive formats ACE, ARJ, BZ2, CAB, GZ, LHA, RAR, TAR, ZIP and ZOO. The Test Suite contains a set of fuzzed archive files in different formats, some of which may cause and some that are known to cause problems in common tools processing archived content..."

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#21 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 04 April 2008 - 08:36 PM

FYI...

CA Alert Notification Server service
- https://support.ca.c...ontentID=173103
Issued: April 3rd, 2008 - "CA's customer support is alerting customers to security risks in products that use the Alert Notification Server service. Multiple vulnerabilities exist that can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities.
The vulnerabilities, CVE-2007-4620, are due to insufficient bounds checking in multiple procedures. A remote authenticated attacker or local user can exploit a buffer overflow to execute arbitrary code or cause a denial of service.
Risk Rating: High
Affected Products:
CA Anti-Virus for the Enterprise 7.1
CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8
CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8.1
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1
BrightStor ARCserve Backup r11.5
BrightStor ARCserve Backup r11.1
BrightStor ARCserve Backup r11 for Windows
Solution: CA has provided updates to address the vulnerabilities... (links at URL above)
Workaround: None..."

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#22 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 14 April 2008 - 08:18 AM

FYI...

ClamAV vuln
- http://secunia.com/advisories/29000/
Release Date: 2008-04-14
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Workaround
Software: Clam AntiVirus (clamav) 0.x
...The vulnerability is confirmed in versions 0.92 and 0.92.1. Prior versions may also be affected.
Solution: An updated version should be available shortly. The PE scanning module has been remotely switched off after 10/03/2008.

Do not scan untrusted PE files...

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#23 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 15 April 2008 - 04:45 AM

FYI...

ClamAV multiple vulns - update available
- http://secunia.com/advisories/29000/
Last Update: 2008-04-15
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x
...The vulnerabilities are reported in version 0.92.1. Prior versions may also be affected.
Solution: Update to version 0.93.
Download:
- http://www.clamav.net/download/sources
Changelog:
- http://svn.clamav.ne...trunk/ChangeLog

http://nvd.nist.gov/...e=CVE-2008-1100

http://nvd.nist.gov/...e=CVE-2008-1387

:!:

Edited by apluswebmaster, 17 April 2008 - 12:48 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#24 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 17 June 2008 - 04:46 AM

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/30657/
Release Date: 2008-06-17
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x...
The vulnerability is reported in versions prior to 0.93.1.
Solution: Update to version 0.93.1.
Original Advisory:
https://wwws.clamav....bug.cgi?id=1000 ...

Download:
http://sourceforge.n...?group_id=86638

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#25 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 21 June 2008 - 04:52 AM

Backtrack...

- http://atlas.arbor.n...index#-51119944
Severity: High Severity
Published: Friday, June 20, 2008 20:31

ClamAV vuln... now marked as "Unpatched"
- http://secunia.com/advisories/30657/
Last Update: 2008-06-20
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Unpatched ...
The vulnerability is confirmed in versions 0.93 and 0.93.1. Other versions may also be affected.
Solution: Disable the scanning of PE files.
NOTE: Version 0.93.1 only fixes a particular exploitation vector...
Changelog:
2008-06-20: Updated "Solution" section and marked the advisory as unpatched...

:!: :ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#26 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 07 July 2008 - 06:20 AM

FYI...

Panda ActiveScan vulns - update available
- http://secunia.com/advisories/30841/
Release Date: 2008-07-07
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Panda ActiveScan 2.0 1.x
...Successful exploitation allows execution of arbitrary code. According to the vendor, the vulnerabilities affect versions prior to version 1.02.00.
Solution: Update to version 1.02.00 or later.
http://www.pandasecu....com/activescan

- http://nvd.nist.gov/...e=CVE-2008-3155
- http://nvd.nist.gov/...e=CVE-2008-3156

:!:

Edited by apluswebmaster, 21 July 2008 - 02:52 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#27 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 29 July 2008 - 07:37 PM

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/30657/
Last Update: 2008-07-28
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 0.93.3...
- http://sourceforge.n...;group_id=86638

- http://nvd.nist.gov/...e=CVE-2008-2713
- http://nvd.nist.gov/...e=CVE-2008-3215

//
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#28 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 30 July 2008 - 03:26 AM

FYI...

AVG DoS vuln - update available
- http://secunia.com/advisories/31290/
Release Date: 2008-07-29
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: AVG Anti-Virus 8.x ...
...The vulnerability affects versions prior to 8.0.156.
Solution: Update to version 8.0.156 or later.
Original Advisory:
AVG: http://www.grisoft.com/ww.94247

n.runs AG: http://preview.tinyurl.com/6fcaye ...

- http://www.us-cert.g...releases_update

Program update AVG Free 8.0 169: http://free.avg.com/ww.94096
August 25, 2008

//

Edited by apluswebmaster, 12 September 2008 - 08:50 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#29 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 25 August 2008 - 05:58 AM

FYI...

Trend Micro Web Mgmt authentication bypass...
- http://secunia.com/advisories/31373/
Last Update: 2008-08-29
Critical: Moderately critical
Impact: Security Bypass, Brute force
Where: From local network
Solution Status: Partial Fix
Software: Trend Micro Client Server Messaging Security for SMB 3.x
Trend Micro OfficeScan Corporate Edition 7.x
Trend Micro OfficeScan Corporate Edition 8.x
Trend Micro Worry-Free Business Security 5.x ...
Solution: Apply patches...
(See the URL above for links to patches.)

- http://web.nvd.nist....d=CVE-2008-2433
Last revised: 09/05/2008

:!:

Edited by apluswebmaster, 08 September 2008 - 08:48 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#30 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 12 September 2008 - 08:50 AM

FYI...

Trend Micro OfficeScan Server - updates available
- http://secunia.com/advisories/31342/
Release Date: 2008-09-12
Critical: Moderately critical
Impact: System access
Where: From local network
Solution Status: Partial Fix
...Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 7.3 with Patch 4 build 1362 applied and also affects OfficeScan version 7.0 and 8.0, and Client Server Messaging Security version 3.6, 3.5, 3.0, and 2.0.
Solution: Apply patches...

(Links to patches/updates available at the URL above.)

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#31 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 02 October 2008 - 06:33 AM

FYI...

Trend Micro OfficeScan multiple vulns - update available
- http://secunia.com/advisories/32097/
Release Date: 2008-10-02
Critical: Moderately critical
Impact: Exposure of sensitive information, DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Trend Micro OfficeScan Corporate Edition 8.x
...The vulnerabilities are reported in Trend Micro OfficeScan 8.0.
Solution: Apply patches.
Trend Micro OfficeScan 8.0 Service Pack 1:
http://www.trendmicr...Patch_B2439.exe
Trend Micro OfficeScan 8.0 Service Pack 1 Patch 1:
http://www.trendmicr...lPatch_3087.exe
Original Advisory: ...Trend Micro:
http://www.trendmicr...2439_Readme.txt
http://www.trendmicr...3087_Readme.txt

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#32 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 21 October 2008 - 06:10 AM

FYI...

F-Secure vuln - update available
- http://secunia.com/advisories/32352/
Release Date: 2008-10-21
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Solution: Apply patches (please see the vendor's advisory for details).
Original Advisory: FSC-2008-3:
http://www.f-secure....sc-2008-3.shtml ...

- http://web.nvd.nist....d=CVE-2008-6085

:!:

Edited by apluswebmaster, 09 February 2009 - 11:18 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#33 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 21 October 2008 - 10:59 AM

FYI...

McAfee update classifies Vista component as a Trojan
- http://www.theregist...an_false_alert/
21 October 2008 - "McAfee has fixed an update glitch that wrongly slapped a Trojan classification on components of Microsoft Vista. As a result of a misfiring update, published on Monday, the Windows Vista console IME executable was treated as a password-stealing Trojan. Depending on their setup, McAfee users applying would have typically found the component either quarantined or deleted. The antivirus firm fixed the glitch with a definition update on Tuesday that recognised the difference between the Vista component and malware, as explained in a write-up by McAfee here*. False positives with virus signature updates are a perennial problem for antivirus vendors, and the latest glitch is far from the first such occurrence to befall McAfee. Only two months ago in August McAfee wrongly categorised a plug-in for Microsoft Office Live Meeting as a Trojan."
* http://us.mcafee.com...;virus_k=100683

AVG flags ZoneAlarm as malware
- http://news.cnet.com...0067148-83.html
October 15, 2008 - "Grisoft, makers of AVG antivirus, on Wednesday released a new update addressing a false positive in another security product. On Tuesday, AVG users reported desktops warnings that their desktop was infected with something called Trojan Agent r.CX... The ZoneAlarm user forum soon filled with concerned users... Laura Yecies, vice president and general manager of Check Point's ZoneAlarm consumer division said, "as soon as Check Point learned that AVG's recent antivirus update was mistakenly flagging a ZoneAlarm file as a virus, we contacted AVG and they issued an update within hours that corrected the problem. AVG users will automatically get the update that corrects the issue." In July, Grisoft modified its free AVG 8 due to complaints about a proactive scanning of a Web site feature. The feature that had been enabled in the paid version of the product did not scale with the free release causing spikes in Web traffic."
- http://www.theregist...an_false_alarm/
16 October 2008 - "...The mis-firing AVG definition file tagged components of ZoneAlarm as infected with the Agent_r.CX Trojan horse and quarantined important files. As a result users running the popular antivirus package alongside security suite software from Check Point were left with a malfunctioning firewall, mystery infection reports and an inability to re-install their ZoneAlarm software..."

:( :(

Edited by apluswebmaster, 21 October 2008 - 04:19 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#34 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 22 October 2008 - 10:58 AM

FYI...

Trend Micro OfficeScan vuln - update available
- http://secunia.com/advisories/32005/
Release Date: 2008-10-22
Critical: Moderately critical
Impact: System access
Where: From local network
Solution Status: Vendor Patch
Software: Trend Micro OfficeScan Corporate Edition 7.x, Trend Micro OfficeScan Corporate Edition 8.x...
Solution: Apply patches.
Trend Micro OfficeScan 8.0 SP1 Patch 1:
http://www.trendmicr...Patch_B3110.exe
Trend Micro OfficeScan 7.3:
http://www.trendmicr...Patch_B1374.exe ...
Trend Micro:
http://www.trendmicr...3110_readme.txt
http://www.trendmicr...1374_readme.txt ...

- http://www.us-cert.g..._critical_patch
October 22, 2008

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#35 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 November 2008 - 06:51 AM

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/32663/
Release Date: 2008-11-10
Critical: Moderately critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 0.94.1.
> http://sourceforge.n...;group_id=86638
Download:
- http://www.clamav.net/download/sources
Changelog:
- http://svn.clamav.ne...trunk/ChangeLog

Also see: ClamWin Free Antivirus 0.94.1 released
- http://www.clamwin.c...ent/view/205/1/
Download:
- http://www.clamwin.c...ent/view/18/46/
Version 0.94.1; 24.5MB

- http://web.nvd.nist....d=CVE-2008-5050

:!:

Edited by apluswebmaster, 17 November 2008 - 12:25 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#36 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 02 December 2008 - 04:59 AM

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/32926/
Release Date: 2008-12-02
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x
...The vulnerability is reported in versions prior to 0.94.2.
Solution: Update to version 0.94.2.
Original Advisory: ClamAV:
http://sourceforge.n...lease_id=643134

Download:
- http://www.clamav.net/download/sources
"...Latest stable release: ClamAV 0.94.2..."

Changelog:
- http://svn.clamav.ne...trunk/ChangeLog

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#37 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 19 December 2008 - 08:29 AM

FYI...

ESET Smart Security vuln - update available
- http://secunia.com/advisories/33210/
Release Date: 2008-12-19
Critical: Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch
Software: ESET Smart Security 3.x
...The vulnerability is confirmed in version 3.0.672. Other versions prior to 3.0.684 may also be affected...
Solution: Update to version 3.0.684...
- http://www.eset.com/...o...13&Itemid=5
• stability and security fixes

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#38 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 20 December 2008 - 08:30 AM

FYI...

Sophos AV vuln - update available
- http://secunia.com/advisories/33177/
Release Date: 2008-12-19
Critical: Moderately critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch...
...The vulnerability is caused due to an unspecified error when processing certain malformed CAB archives. This can be exploited to crash the application and may allow the execution of arbitrary code...
Solution: Fixed in the Sophos virus engine 2.82.1.
Original Advisory: Sophos:
http://www.sophos.co...icle/50611.html ...

- http://atlas.arbor.n...ndex#-675282542

:ph34r:

Edited by apluswebmaster, 22 December 2008 - 05:12 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#39 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 22 December 2008 - 05:02 AM

FYI...

Trend Micro HouseCall ActiveX vuln - update available
- http://secunia.com/advisories/31583/
Release Date: 2008-12-21
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Trend Micro HouseCall ActiveX Control 6.x, Trend Micro HouseCall Server 6.x
...Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in versions 6.51.0.1028 and 6.6.0.1278. Other versions may also be affected.
Solution: Remove the ActiveX control and install version 6.6.0.1285.
http://prerelease.tr...om/hc66/launch/

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#40 Dragonslore

Dragonslore

    Advanced Member

  • Helper Trainee
  • PipPipPip
  • 230 posts

Posted 22 December 2008 - 05:57 AM

If you're running NOD32, then you'll want to check the program About dialog box.

Chances are, you're still at 3.0.672.0

It seems that ESET has forgotten to push the program update through the auto update feature so far.


- Excuse the Writing, I've Got a Dyslexic Keyboard

#41 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 15 January 2009 - 08:53 AM

FYI...

Avira Antivir vuln - update available
- http://secunia.com/advisories/33541/
Release Date: 2009-01-15
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Avira AntiVir Personal Edition Classic 7.x, 8.x, Premium 7.x, Premium 8.x,
Premium Security Suite 7.x, Server 6.x, UNIX MailGate 2.x, Workstation 7.x, 8.x,
Premium Security Suite 7.x
...The vulnerabilities are caused due to errors in the handling of RAR files. These can be exploited to crash an affected program via a specially crafted RAR archive.
Solution: Update the scanning engine to versions 7.9.0.54, 8.2.0.54, or later.
Original Advisory: Avira:
http://forum.avira.c...;threadID=81148 ...

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#42 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 23 February 2009 - 05:16 AM

FYI...

F-Secure Anti-Virus Client Security hotfix
- http://support.f-sec...-hotfixes.shtml
Feb 17, 2009 - "Client Security Hotfix fsav744-06
F-Secure Client Security versions 7.12 * All supported platforms
...After having applied this hotfix, the product gains ability to handle USB-carried malware known under the following aliases: Downadup and Conficker.
Note: A reboot is not required after installing the hotfix..."

:ph34r:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#43 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 03 April 2009 - 04:29 AM

FYI...

ClamAV multiple vulns - update available
- http://secunia.com/advisories/34566/
Release Date: 2009-04-03
Critical: Moderately critical
Impact: Security Bypass, DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x ...
Solution: Update to version 0.95...
- http://www.clamav.net/download/sources

- http://svn.clamav.ne...trunk/ChangeLog

- http://web.nvd.nist....d=CVE-2009-1241
- http://web.nvd.nist....d=CVE-2009-1270
Last revised: 04/10/2009

:ph34r:

Edited by apluswebmaster, 13 April 2009 - 11:03 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#44 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 29 April 2009 - 06:17 AM

FYI...

Symantec Alert Management System 2 multiple vulns - SYM09-007
- http://preview.tinyurl.com/dngt55
April 28, 2009 Symantec Security Advisories:
Remote Access: Yes
Local Access: Yes...
"The version of Alert Management System 2 (AMS2) used by some versions of Symantec System Center, Symantec Antivirus Server, and Symantec AntiVirus Central Quarantine Server contains four vulnerabilities... (see) Affected Products table... Updates have been released to address these issues..."
- http://secunia.com/advisories/34856/2/
Release Date: 2009-04-29
Critical: Moderately critical
Impact: Privilege escalation, System access
Where: From local network
Solution Status: Vendor Patch
Software: Symantec AntiVirus Corporate Edition 10.x, Symantec AntiVirus Corporate Edition 9.x, Symantec Client Security 2.x, Symantec Client Security 3.x, Symantec Endpoint Protection 11.x...

- http://web.nvd.nist....d=CVE-2009-1429
- http://web.nvd.nist....d=CVE-2009-1430
- http://web.nvd.nist....d=CVE-2009-1431

- http://preview.tinyurl.com/cacnwe
Symantec Security Advisories
4/28/09 - Symantec Alert Management System 2 multiple vulnerabilities - SYM09-007
4/28/09 - Symantec Log Viewer JavaScript Injection Vulnerabilities - SYM09-006
4/28/09 - Symantec Reporting Server Improper URL Handling Exposure - SYM09-008

:!: :!: :!:

Edited by apluswebmaster, 04 May 2009 - 03:25 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#45 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 30 April 2009 - 02:31 PM

FYI...

McAfee Security Bulletin - VirusScan Engine update fixes bypasses
- https://kc.mcafee.co...ctp=LIST_RECENT
April 29, 2009
• Description
There is an issue with engine DAT versions where specially crafted archive files could cause a scanning process to miss files within the archive. These archives are corrupt, but still functional by some end user archive programs. This could allow malware to bypass a scanner on a gateway. Users utilizing on-access scanning on endpoint devices should not be affected, as the scanner will see the files after the archive is opened. An attack, even if it is successful at bypassing the gateway, will have no lasting effect on the endpoint running an on-access scanner, which is the default and recommended way of running our Anti-Virus products. Updating to the latest product version will resolve this issue.
• Remediation
Overview: Download appropriate DAT file 5600 or later.
Obtaining the Binaries: http://www.mcafee.co...updates/dat.asp
• Workaround
All users should enable On-Access-Scanning on all endpoint devices. This is the default setting after installation. By using On-Access-Scanning, endpoints will catch any threats that may pass on gateway devices. McAfee has long supported a defense-in-depth strategy that includes running antivirus software on multiple points of your network, including gateways, file servers, and especially endpoints...

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#46 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 07 May 2009 - 05:49 AM

FYI...

F-Secure ZIP and RAR archives vulns
- http://secunia.com/advisories/35008/2/
Release Date: 2009-05-06
Critical: Not critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
Software: F-Secure Anti-Virus...
Solution: Apply patches. Please see the vendor's advisory for details...
Original Advisory: FSC-2009-1:
http://www.f-secure....fsc-2009-1.html ...
2009-05-06

:ph34r: :!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#47 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 26 May 2009 - 11:18 AM

FYI...

AVG 8.5 vuln - updates available
- http://web.nvd.nist....d=CVE-2009-1784
Last revised: 05/26/2009
CVSS v2 Base Score: 10.0 (HIGH)

- http://xforce.iss.ne...orce/xfdb/50426
... Platforms Affected:
* AVG, AVG Anti-Virus 6.0.710
* AVG, AVG Anti-Virus 7.0
* AVG, AVG Anti-Virus 7.0.251
* AVG, AVG Anti-Virus 7.0.323
* AVG, AVG Anti-Virus 7.1.308
* AVG, AVG Anti-Virus 7.1.407
* AVG, AVG Anti-Virus 7.5.448
* AVG, AVG Anti-Virus 7.5.476
* AVG, AVG Anti-Virus 8.0
* AVG, AVG Anti-Virus 8.0.156
Remedy: Upgrade to the latest version of AVG (8.5 build 323 or later), available from the AVG Web site...

Program update AVG 8.5.323 SP1
- http://www.avg.com/223363
... Fixes
• Core: Fixed problem with crash while scanning PDF files.
• Core: Fixed occasional crash of scanning engine.
• Core: Fixed problem of crash while healing Mozilla Firefox 3 cookies.
• Core: Fixed problem with processing slowdown during Resident Shield scanning LNK files.
• Core: Fixed problem with ZoneAlarm incompatibility.
• Core: Fixed problem with missed detection in corrupted *.cab and *.zip archives (thanks to Thierry Zoller)...

:!:

Edited by apluswebmaster, 27 May 2009 - 12:29 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#48 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 June 2009 - 05:29 AM

FYI...

McAfee false positive...
- http://www.theregist...e_update_snafu/
9 June 2009 - "A recent McAfee service pack led to systems being rendered unbootable, according to posts on the security giant's support forums. The mandatory service pack for McAfee's corporate Virus scanning product, VSE 8.7, was designed to address minor security bugs but instead tagged windows system files as malware. The software update was issued on 27 May and pulled on 2 June, after problems occurred. Users were advised to keep the patch if they'd already installed it in a low-key announcement on McAfee's knowledge base*. Posts on McAfee's support forum** paint a different picture of PCs and server left unbootable after the update had automatically deleted Windows systems files wrongly identified as potentially malign..."
* https://kc.mcafee.co...=...&id=KB65943
June 08, 2009
** http://community.mca...ad.php?t=231060

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#49 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 16 June 2009 - 05:46 AM

FYI...

F-secure - Mail relay vuln - update available
- http://www.f-secure....fsc-2009-2.html
2009-06-16 - "...Specially crafted messages may be used to bypass mail relay restrictions.
Mitigating factors:
* The issue only affects systems where the SMTP Turbo module is used for mail distribution.
* Incorrectly relayed messages still pass through spam filtering, which decreases the vulnerability’s usefulness for spam relaying.
Affected platforms: All supported platforms
Products: F-Secure Messaging Security Gateway 5.5.x...

- http://secunia.com/advisories/35475/2/
Release Date: 2009-06-16
Critical: Moderately critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
OS: F-Secure Messaging Security Gateway P-Series, F-Secure Messaging Security Gateway X-Series...
Solution: The vendor has fixed the vulnerability in patch 739, delivered automatically to affected systems. Approve the installation of patch 739 for systems not configured for automatic patch installation...

:!:

Edited by apluswebmaster, 16 June 2009 - 06:26 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#50 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 19 June 2009 - 04:57 AM

FYI...

ClamAV CAB/RAR/ZIP vuln - update available
- http://www.securityf.../bid/35426/info
Published: Jun 18 2009
Updated: Jun 19 2009
"... Versions prior to ClamAV 0.95.2 are vulnerable..."

- http://www.clamav.net/
"Latest ClamAV® stable release is: 0.95.2 ..."

- http://www.clamav.net/download/sources

:!:
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button