Mon, 23 Jan 2006 12:49:36 -0500
Just in case anyone has a mailbox rule that automatically trashes
anything with a subject line starting with "URGENT:", I am resending this.
Thanks, Valdis, for making that suggestion :)
Nathan
At 12:17 PM 1/23/2006 -0500, I wrote:
>Applies to LISTSERV sites running the following versions of F-Secure
>Anti-Virus:
>
>- F-Secure Anti-Virus for Workstations v. 5.44 and earlier
>- F-Secure Anti-Virus for Windows Servers v. 5.52 and earlier
>- F-Secure Anti-Virus for Servers (Linux) v. 4.64 and earlier
>
>Note: The complete bulletin is available at
>http://www.f-secure.com/security/fsc-2006-1.shtml . This is a
>digest cut down to highlight only the FSAV versions certified by L-Soft.
>
>F-Secure Security Bulletin FSC-2006-1
>Code execution vulnerability in ZIP and RAR-archive handling
>
>Date issued: 2006-01-19
>Last updated: 2006-01-20
>Risk factor: Critical (Low/Medium/High/Critical)
>Brief description: Specially crafted ZIP archives may be used to
>execute code on affected systems. Both RAR- and ZIP-archives can in
>addition be crafted to avoid successful scanning and obfuscate
>malicious code in the archive.
>
>Issue: It is possible to create specially crafted ZIP archives that
>cause a buffer overflow. This allows an attacker to execute code of
>his choice on affected systems. It is in addition possible to create
>malformed RAR- and ZIP-archives that cannot be scanned properly.
>This can lead to a false negative scan result.
>
>Risk Factor: Critical
>
>Gateway installations that scan web (HTTP, FTP) and mail (SMTP, POP)
>traffic are vulnerable. These machines are typically scanning a
>large number of archive files with the scan inside archives setting
>enabled. Server products that are configured to use scheduled
>on-demand scans are also likely to be vulnerable. This makes
>products in this category the most likely target for attacks.
>
>F-Secure recommends all users of the mentioned gateway and server
>products to install the hotfix or upgrade to a version that is not
>affected (if available).
>
>Product Versions Hotfix ID Download
>
>F-Secure Anti-Virus for Workstations 5.42-5.44 fsavwk617-02
>ftp://ftp.f-secure.com/support/hotfix/fsavcs/fsavwk617-02-signed.fsfix
>
>F-Secure Anti-Virus for Windows Servers 5.42-5.52 fsavsr552-02
>ftp://ftp.f-secure.com/support/hotfix/fsav-server/fsavsr552-02-signed.fsfix
>
>F-Secure Anti-Virus for Linux Servers 4.63-4.64 Updated binary
>ftp://ftp.f-secure.com/support/hotfix/fsav-linux/fsav-fsigk-linux-FSC-2006-1-hotfix.tgz
>
>Sincerely,
>Nathan Brindle
>Sr. Product Engineer
>L-Soft international, Inc.