FKIE_CVE-2006-3490

Vulnerability from fkie_nvd - Published: 2006-07-10 22:05 - Updated: 2025-04-03 01:03
Severity ?
Summary
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.
References
cve@mitre.orghttp://secunia.com/advisories/20858
cve@mitre.orghttp://securitytracker.com/id?1016400
cve@mitre.orghttp://securitytracker.com/id?1016401
cve@mitre.orghttp://www.f-secure.com/security/fsc-2006-4.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/26876
cve@mitre.orghttp://www.securityfocus.com/bid/18693
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2573
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27502
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20858
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016400
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016401
af854a3a-2127-422b-91ae-364da2661108http://www.f-secure.com/security/fsc-2006-4.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/26876
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18693
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2573
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27502
Impacted products
Vendor Product Version
f-secure f-secure_anti-virus *
f-secure f-secure_anti-virus *
f-secure f-secure_anti-virus *
f-secure f-secure_anti-virus *
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 5.51
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 2004
f-secure f-secure_anti-virus 2005
f-secure f-secure_anti-virus 2006
f-secure f-secure_internet_security 2003
f-secure f-secure_internet_security 2004
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2006
f-secure f-secure_service_platform_for_service_providers *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
              "matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
              "versionEndIncluding": "5.44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
              "matchCriteriaId": "141114BE-BDF1-45D7-A4D7-BF55172FB2E3",
              "versionEndIncluding": "5.52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
              "matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
              "versionEndIncluding": "5.61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
              "matchCriteriaId": "8C8DC4C2-E570-412E-BCF8-05B65D190383",
              "versionEndIncluding": "6.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
              "matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
              "matchCriteriaId": "2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
              "matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A730182C-A1EC-410E-82F2-893815444638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when \"Scan network drives\" is disabled, which allows remote attackers to bypass anti-virus controls."
    },
    {
      "lang": "es",
      "value": "F-Secure Anti-Virus 2003 a 2006 y otras versiones, Internet Security 2003 a 2006 y Service Platform for Service Providers 6.x y anteriores no escanean archivos ubicados en medios extra\u00edbles cuando la opci\u00f3n \"Escanear Unidades de Red\" est\u00e1 deshabilitada, lo cual permite a atacantes remotos evitar el control de los antivirus."
    }
  ],
  "id": "CVE-2006-3490",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-10T22:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20858"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016400"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016401"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/26876"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18693"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2573"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/26876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.