F-Secure Multiple Products Web Console Buffer Overflow Vulnerability
BID:18201
Info
| Bugtraq ID: | 18201 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jun 01 2006 12:00AM |
| Updated: | Jun 01 2006 06:37PM |
| Credit: | Discovery is credited to Mikko Korppi. |
| Vulnerable: | F-Secure Internet Gatekeeper 6.42; F-Secure Internet Gatekeeper 6.41; F-Secure Internet Gatekeeper 6.40 0; F-Secure Internet Gatekeeper 6.50; F-Secure Anti-Virus for MS Exchange 6.40 |
| Not Vulnerable: | F-Secure Internet Gatekeeper 6.60 |
Discussion
F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper are affected by a buffer-overflow vulnerability.
The vulnerability resides in the application's Web Console. A successful attack may lead to a denial-of-service condition or to the execution of arbitrary code in the context of the application.
Note that by default, the Web Console is configured to accept connections from localhost only. A remote threat arises only if the application has been configured to be remotely accessible. A local attacker may also be able to exploit this issue to gain elevated privileges.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Solution:
F-Secure has released a hotfix for F-Secure Anti-Virus for Microsoft Exchange 6.40 and F-Secure Internet Gatekeeper 6.50. Version 6.60 of F-Secure Internet Gatekeeper has been released to address this issue as well. Please contact the vendor to obtain F-Secure Internet Gatekeeper 6.60.
F-Secure Internet Gatekeeper 6.50
- F-Secure fsigk650-01.zip: ftp://ftp.f-secure.com/support/hotfix/fsig/fsigk650-01.zip

F-Secure Anti-Virus for MS Exchange 6.40
- F-Secure fsavmse640-05.zip: ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse640-05.zip
References
References:
- F-Secure Homepage (F-Secure)
- F-Secure Security Bulletin FSC-2006-3 (F-Secure)