LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

F-Secure Security Bulletin FSC-2006-1

Nathan Brindle <[log in to unmask]>

Mon, 23 Jan 2006 12:49:36 -0500

text/plain (65 lines)

Just in case anyone has a mailbox rule that automatically trashes 
anything with a subject line starting with "URGENT:", I am resending this.

Thanks, Valdis, for making that suggestion :)

Nathan

At 12:17 PM 1/23/2006 -0500, I wrote:
>Applies to LISTSERV sites running the following versions of F-Secure 
>Anti-Virus:
>
>- F-Secure Anti-Virus for Workstations v. 5.44 and earlier
>- F-Secure Anti-Virus for Windows Servers v. 5.52 and earlier
>- F-Secure Anti-Virus for Servers (Linux) v. 4.64 and earlier
>
>Note:  The complete bulletin is available at 
>http://www.f-secure.com/security/fsc-2006-1.shtml .  This is a 
>digest cut down to highlight only the FSAV versions certified by L-Soft.
>
>F-Secure Security Bulletin FSC-2006-1
>Code execution vulnerability in ZIP and RAR-archive handling
>
>Date issued: 2006-01-19
>Last updated: 2006-01-20
>Risk factor: Critical (Low/Medium/High/Critical)
>Brief description: Specially crafted ZIP archives may be used to 
>execute code on affected systems. Both RAR- and ZIP-archives can in 
>addition be crafted to avoid successful scanning and obfuscate 
>malicious code in the archive.
>
>Issue: It is possible to create specially crafted ZIP archives that 
>cause a buffer overflow. This allows an attacker to execute code of 
>his choice on affected systems. It is in addition possible to create 
>malformed RAR- and ZIP-archives that cannot be scanned properly. 
>This can lead to a false negative scan result.
>
>Risk Factor: Critical
>
>Gateway installations that scan web (HTTP, FTP) and mail (SMTP, POP) 
>traffic are vulnerable. These machines are typically scanning a 
>large number of archive files with the scan inside archives setting 
>enabled. Server products that are configured to use scheduled 
>on-demand scans are also likely to be vulnerable. This makes 
>products in this category the most likely target for attacks.
>
>F-Secure recommends all users of the mentioned gateway and server 
>products to install the hotfix or upgrade to a version that is not 
>affected (if available).
>
>Product Versions Hotfix ID Download
>
>F-Secure Anti-Virus for Workstations 5.42-5.44 fsavwk617-02 
>ftp://ftp.f-secure.com/support/hotfix/fsavcs/fsavwk617-02-signed.fsfix
>
>F-Secure Anti-Virus for Windows Servers 5.42-5.52 fsavsr552-02 
>ftp://ftp.f-secure.com/support/hotfix/fsav-server/fsavsr552-02-signed.fsfix
>
>F-Secure Anti-Virus for Linux Servers 4.63-4.64 Updated binary 
>ftp://ftp.f-secure.com/support/hotfix/fsav-linux/fsav-fsigk-linux-FSC-2006-1-hotfix.tgz
>
>Sincerely,
>Nathan Brindle
>Sr. Product Engineer
>L-Soft international, Inc.

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM