Vulnerabilities > CVE-2006-6352 - Remote Denial Of Service vulnerability in Frisk Software F-Prot Antivirus 3.16F
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to cause a denial of service (infinite loop) via a crafted ACE file. NOTE: this issue has at least a partial overlap with CVE-2006-6294.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit. CVE-2006-6352. Dos exploit for linux platform |
file | exploits/linux/dos/2892.py |
id | EDB-ID:2892 |
last seen | 2016-01-31 |
modified | 2006-12-04 |
platform | linux |
port | |
published | 2006-12-04 |
reporter | Evgeny Legerov |
source | https://www.exploit-db.com/download/2892/ |
title | F-Prot Antivirus 4.6.6 ACE Denial of Service Exploit |
type | dos |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200612-12.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200612-12 (F-PROT Antivirus: Multiple vulnerabilities) F-Prot Antivirus version 4.6.7 fixes a heap-based buffer overflow, an infinite loop, and other unspecified vulnerabilities. Impact : Among other weaker impacts, a remote attacker could send an e-mail containing a malicious file that would trigger the buffer overflow vulnerability and execute arbitrary code with the privileges of the user running F-Prot, which may be the root user. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 23864 |
published | 2006-12-14 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/23864 |
title | GLSA-200612-12 : F-PROT Antivirus: Multiple vulnerabilities |
code |
|
References
- http://gleg.net/fprot.txt
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051096.html
- http://secunia.com/advisories/23328
- http://security.gentoo.org/glsa/glsa-200612-12.xml
- http://securityreason.com/securityalert/1998
- http://securitytracker.com/id?1017331
- http://www.f-prot.com/news/gen_news/061201_release_unix467.html
- http://www.securityfocus.com/archive/1/453475/100/0/threaded
- http://www.securityfocus.com/bid/21420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30707
- https://www.exploit-db.com/exploits/2892