VAR-200612-0588
Vulnerability from variot - Updated: 2023-12-18 11:11F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. Various security products are prone to a filter-bypass weakness. These products include: - BitDefender Mail Protection for SMB 2.0 - ClamAV 0.88.6 - F-prot AntiVirum for Linux x86 Mail Servers 4.6.6 - Kaspersky Anti-Virus for Linux Mail Server 5.5.10 Other applications and versions may also be affected. This issue occurs because the application fails to handle malformed input that may allow an attacker to bypass the file-filtering mechanism. There is a security bypass vulnerability in F-Secure Anti-Virus for Linux Gateways. Such as passing the EICAR test file
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200612-0588",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "4.65"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "f secure",
"version": "linux gateways 4.65"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "open enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "9"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0.8"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0.6"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0.5"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0.3"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0-20040426"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "1.0"
},
{
"model": "groupware server 2.1beta2",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "groupware server 2.1.beta3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.5.10"
},
{
"model": "software f-prot antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "frisk",
"version": "4.6.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "anti-virus clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "clam",
"version": "0.88.6"
},
{
"model": "mail protection for smb",
"scope": "eq",
"trust": 0.3,
"vendor": "bitdefender",
"version": "2.0"
}
],
"sources": [
{
"db": "BID",
"id": "21461"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6409"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hendrik Weimer is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "21461"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
],
"trust": 0.9
},
"cve": "CVE-2006-6409",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2006-6409",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-22517",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-6409",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200612-173",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-22517",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22517"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. Various security products are prone to a filter-bypass weakness. These products include:\n- BitDefender Mail Protection for SMB 2.0\n- ClamAV 0.88.6\n- F-prot AntiVirum for Linux x86 Mail Servers 4.6.6\n- Kaspersky Anti-Virus for Linux Mail Server 5.5.10\nOther applications and versions may also be affected. \nThis issue occurs because the application fails to handle malformed input that may allow an attacker to bypass the file-filtering mechanism. There is a security bypass vulnerability in F-Secure Anti-Virus for Linux Gateways. Such as passing the EICAR test file",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"db": "BID",
"id": "21461"
},
{
"db": "VULHUB",
"id": "VHN-22517"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-6409",
"trust": 2.8
},
{
"db": "BID",
"id": "21461",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20061206 MULTIPLE VENDOR UNUSUAL MIME ENCODING CONTENT FILTER BYPASS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-22517",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22517"
},
{
"db": "BID",
"id": "21461"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"id": "VAR-200612-0588",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-22517"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:11:19.974000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.f-secure.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6409"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21461"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6409"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6409"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/453654/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.bitdefender.com"
},
{
"trust": 0.3,
"url": "http://www.clamav.net/"
},
{
"trust": 0.3,
"url": "http://www.f-prot.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://kolab.org/security/kolab-vendor-notice-14.txt"
},
{
"trust": 0.3,
"url": "/archive/1/453654"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-22517"
},
{
"db": "BID",
"id": "21461"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-22517"
},
{
"db": "BID",
"id": "21461"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-22517"
},
{
"date": "2006-12-06T00:00:00",
"db": "BID",
"id": "21461"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"date": "2006-12-10T02:28:00",
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"date": "2006-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-22517"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "21461"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001714"
},
{
"date": "2018-10-17T21:48:03.410000",
"db": "NVD",
"id": "CVE-2006-6409"
},
{
"date": "2006-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Gateways of F-Secure Anti-Virus Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001714"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "21461"
},
{
"db": "CNNVD",
"id": "CNNVD-200612-173"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…