Outpost Security Suite Pro Filename Parsing Security Bypass Vulnerability
BID:30347
Info
Outpost Security Suite Pro Filename Parsing Security Bypass Vulnerability
| Bugtraq ID: | 30347 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 22 2008 12:00AM |
| Updated: | Jul 23 2008 09:38PM |
| Credit: | Juan Pablo Lopez Yacubian |
| Vulnerable: |
Agnitum Outpost Security Suite Pro 2009 |
| Not Vulnerable: | |
Discussion
Outpost Security Suite Pro Filename Parsing Security Bypass Vulnerability
Outpost Security Suite Pro is prone to a vulnerability that allows an unauthorized attacker to bypass antivirus and firewall rules. This issue occurs because the application fails to adequately sanitize user-supplied input.
Successful exploits can allow malicious data to evade expected detection rules, giving legitimate users a false sense of security. Other attacks may also be possible.
Outpost Security Suite Pro 2009 is vulnerable; other versions may also be affected.
Outpost Security Suite Pro is prone to a vulnerability that allows an unauthorized attacker to bypass antivirus and firewall rules. This issue occurs because the application fails to adequately sanitize user-supplied input.
Successful exploits can allow malicious data to evade expected detection rules, giving legitimate users a false sense of security. Other attacks may also be possible.
Outpost Security Suite Pro 2009 is vulnerable; other versions may also be affected.
Exploit / POC
Outpost Security Suite Pro Filename Parsing Security Bypass Vulnerability
The following special character in a filename can evade antivirus rules:
ASCII: 
HEX: 26 23 31 32 32 38 38 3b
The following special character in a filename can evade firewall rules:
ASCII:? ? ? ‣ ․ ‥ ?
HEX: 86 20 87 20 95 20 26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20
26 23 38 32 32 39 3b 20 85
The following special character in a filename can evade antivirus rules:
ASCII: 
HEX: 26 23 31 32 32 38 38 3b
The following special character in a filename can evade firewall rules:
ASCII:? ? ? ‣ ․ ‥ ?
HEX: 86 20 87 20 95 20 26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20
26 23 38 32 32 39 3b 20 85
Solution / Fix
Outpost Security Suite Pro Filename Parsing Security Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Outpost Security Suite Pro Filename Parsing Security Bypass Vulnerability
References:
References: