iViZ Security

Security Advisories

F-Prot Antivirus for Linux corrupted ELF header Security Bypass.


It is possible to protect an ELF binary against f-prot by corrupting its ELF header, while letting the binary completely functional. F-prot will crash when analyzing the file, letting the possible malware undetected.

Affected Software

F-Prot version 4.6.8 for GNU/Linux


Remote DoS, possibly remote code execution.

Vendor Response

No vendor response


This vulnerability was discovered by Security Researcher Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd.

Disclosure Timeline

First private disclosure to vendor on September 1st 2008.

Back to Security Advisories