Security Advisories
F-Prot Antivirus for Linux corrupted ELF header Security Bypass.
Synopsis
It is possible to protect an ELF binary against
f-prot by corrupting its ELF header, while letting
the binary completely functional. F-prot will crash
when analyzing the file, letting the possible malware
undetected.
Affected Software
F-Prot version 4.6.8 for GNU/Linux
Impact
Remote DoS, possibly remote code execution.
Vendor Response
No vendor response
Credits
This vulnerability was discovered by Security Researcher
Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd.
Disclosure Timeline
First private disclosure to vendor on September 1st 2008.
|
