Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5747

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5747
Last Modified 18 Apr 2009 01:44:20
Published 29 Dec 2008 10:24:23
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5747

Summary

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-secure was incorrectly stated as the vendor.

Vulnerable Systems

Application

  • F-prot Antivirus 4.6.8


References

BID - 32753

BUGTRAQ - 20081222 Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass

BUGTRAQ - 20081216 Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass

BUGTRAQ - 20081210 [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass

MISC - http://www.ivizsecurity.com/security-advisory-iviz-sr-08016.html

SREASON - 4822

GENTOO - GLSA-200904-14

SECUNIA - 34700


Last Updated: 27 May 2016 10:48:54