CVE-2008-5747 - Resource Management Errors vulnerability in F Prot F Prot Antivirus 4.6.8

Publication

2008-12-29

Last modification

2018-10-11

Summary

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-Secure was incorrectly stated as the vendor.

Description

F-PROT Antivirus for Linux is a virus scanning application for the Linux operating system. The application is prone to a denial-of-service vulnerability because it fails to handle malformed files. Successful exploits will crash the affected application, resulting in a denial-of-service condition. Given the nature of this issue, code execution may be possible, but this has not been confirmed. F-PROT Antivirus for Linux 4.6.8 is vulnerable; other versions may also be affected.

Solution

NOTE: The vendor reports that the issue described affects a version of F-PROT that is no longer supported. The vendor recommends that customers upgrade to the current version, which is not vulnerable to this issue.

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: info@vumetric.com.

Classification

CWE-399 - Resource Management Errors

Risk level (CVSS AV:N/AC:L/Au:N/C:N/I:N/A:P)

Medium

5.0

Access Vector

Network

Access Complexity

Low

Authentication

None

Confidentiality Impact

None

Integrity Impact

None

Affected Products

Vendor | Product | Versions
F Prot | F Prot Antivirus | 4.6.8