Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0936

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0936
Last Modified 05 Sep 2008 04:39:51
Published 27 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0936

Summary

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Vulnerable Systems

Operating System

  • Gentoo Linux

  • Gentoo Linux 1.4

  • Mandrakesoft Mandrake Linux 10.1

  • Suse Linux 9.2

Application

  • Archive Zip 1.13

  • Ca Brightstor Arcserve Backup 11.1

  • Ca Etrust Antivirus 7.0

  • Ca Etrust Antivirus 7.0 Sp2

  • Ca Etrust Antivirus 7.1

  • Ca Etrust Antivirus Gateway 7.0

  • Ca Etrust Antivirus Gateway 7.1

  • Ca Etrust Ez Antivirus 6.1

  • Ca Etrust Ez Antivirus 6.2

  • Ca Etrust Ez Antivirus 6.3

  • Ca Etrust Ez Armor 2.0

  • Ca Etrust Ez Armor 2.3

  • Ca Etrust Ez Armor 2.4

  • Ca Etrust Intrusion Detection 1.4.1.13

  • Ca Etrust Intrusion Detection 1.4.5

  • Ca Etrust Intrusion Detection 1.5

  • Ca Etrust Secure Content Manager 1.0

  • Ca Etrust Secure Content Manager 1.1

  • Ca Inoculateit 6.0

  • Eset Software Nod32 Antivirus 1.0.11

  • Eset Software Nod32 Antivirus 1.0.12

  • Eset Software Nod32 Antivirus 1.0.13

  • Kaspersky Lab Kaspersky Anti-virus 3.0

  • Kaspersky Lab Kaspersky Anti-virus 4.0

  • Kaspersky Lab Kaspersky Anti-virus 5.0

  • Mcafee Antivirus Engine 4.3.20

  • Rav Antivirus Desktop 8.6

  • Rav Antivirus For File Servers 1.0

  • Rav Antivirus For Mail Servers 8.4.2

  • Sophos Anti-virus 3.4.6

  • Sophos Anti-virus 3.78

  • Sophos Anti-virus 3.78d

  • Sophos Anti-virus 3.79

  • Sophos Anti-virus 3.80

  • Sophos Anti-virus 3.81

  • Sophos Anti-virus 3.82

  • Sophos Anti-virus 3.83

  • Sophos Anti-virus 3.84

  • Sophos Anti-virus 3.85

  • Sophos Anti-virus 3.86

  • Sophos Puremessage Anti-virus 4.6

  • Sophos Small Business Suite 1.0


References

CERT-VN - VU#968818

BID - 11448

XF - antivirus-zip-protection-bypass(17761)

IDEFENSE - 20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability


Last Updated: 27 May 2016 10:38:49