iViZ Security

Security Advisories

F-Prot Antivirus for Linux corrupted ELF header Security Bypass.

Synopsis

It is possible to protect an ELF binary against f-prot by corrupting its ELF header, while letting the binary completely functional. F-prot will crash when analyzing the file, letting the possible malware undetected.

Affected Software

F-Prot version 4.6.8 for GNU/Linux

Impact

Remote DoS, possibly remote code execution.

Vendor Response

No vendor response

Credits

This vulnerability was discovered by Security Researcher Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd.

Disclosure Timeline

First private disclosure to vendor on September 1st 2008.



Back to Security Advisories