GLSA 200904-14: F-PROT Antivirus: Multiple Denial of Service vulnerabilities

Severity:normal
Title:F-PROT Antivirus: Multiple Denial of Service vulnerabilities
Date:04/14/2009
Bugs: #232665, #253497
ID:200904-14

Synopsis

Multiple errors in F-PROT Antivirus may lead to a Denial of Service.

Background

F-PROT Antivirus is a multi-platform virus scanner for workstations and mail servers.

Affected packages

Package Vulnerable Unaffected Architecture(s)
app-antivirus/f-prot < 6.0.2 >= 6.0.2 All supported architectures

Description

The following vulnerabilities were found:

  • Multiple errors when processing UPX, ASPack or Microsoft Office files (CVE-2008-3243).
  • Infinite Sergio Alvarez of n.runs AG reported an invalid memory access when processing a CHM file with a large nb_dir value (CVE-2008-3244).
  • Jonathan Brossard from iViZ Techno Solutions reported that F-PROT Antivirus does not correctly process ELF binaries with corrupted headers (CVE-2008-5747).

Impact

A remote attacker could entice a user or automated system to scan a specially crafted file, leading to a crash or infinite loop.

Workaround

There is no known workaround at this time.

Resolution

All F-PROT Antivirus users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-antivirus/f-prot-6.0.2"

References

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200904-14.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

Thank you!