var-200612-0588
Vulnerability from variot
F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. Various security products are prone to a filter-bypass weakness. These products include: - BitDefender Mail Protection for SMB 2.0 - ClamAV 0.88.6 - F-prot AntiVirum for Linux x86 Mail Servers 4.6.6 - Kaspersky Anti-Virus for Linux Mail Server 5.5.10 Other applications and versions may also be affected. This issue occurs because the application fails to handle malformed input that may allow an attacker to bypass the file-filtering mechanism. There is a security bypass vulnerability in F-Secure Anti-Virus for Linux Gateways. Such as passing the EICAR test file
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200612-0588", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.6, "vendor": "f secure", "version": "4.65" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 0.8, "vendor": "f secure", "version": "linux gateways 4.65" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9.3" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.0" }, { "model": "open enterprise server", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "0" }, { "model": "linux desktop", "scope": "eq", "trust": 0.3, "vendor": "novell", "version": "9" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2006.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2006.0" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.4" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.3" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.2" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.1" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0.8" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0.7" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0.6" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0.5" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0.3" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0.1" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0-20040426" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "1.0" }, { "model": "groupware server 2.1beta2", "scope": null, "trust": 0.3, "vendor": "kolab", "version": null }, { "model": "groupware server 2.1.beta3", "scope": null, "trust": 0.3, "vendor": "kolab", "version": null }, { "model": "anti-virus", "scope": "eq", "trust": 0.3, "vendor": "kaspersky", "version": "5.5.10" }, { "model": "software f-prot antivirus", "scope": "eq", "trust": 0.3, "vendor": "frisk", "version": "4.6.6" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "anti-virus clamav", "scope": "eq", "trust": 0.3, "vendor": "clam", "version": "0.88.6" }, { "model": "mail protection for smb", "scope": "eq", "trust": 0.3, "vendor": "bitdefender", "version": "2.0" } ], "sources": [ { "db": "BID", "id": "21461" }, { "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "db": "NVD", "id": "CVE-2006-6409" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2006-6409" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hendrik Weimer is credited with the discovery of this vulnerability.", "sources": [ { "db": "BID", "id": "21461" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ], "trust": 0.9 }, "cve": "CVE-2006-6409", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2006-6409", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-22517", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2006-6409", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200612-173", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-22517", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-22517" }, { "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "db": "NVD", "id": "CVE-2006-6409" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. Various security products are prone to a filter-bypass weakness. These products include:\n- BitDefender Mail Protection for SMB 2.0\n- ClamAV 0.88.6\n- F-prot AntiVirum for Linux x86 Mail Servers 4.6.6\n- Kaspersky Anti-Virus for Linux Mail Server 5.5.10\nOther applications and versions may also be affected. \nThis issue occurs because the application fails to handle malformed input that may allow an attacker to bypass the file-filtering mechanism. There is a security bypass vulnerability in F-Secure Anti-Virus for Linux Gateways. Such as passing the EICAR test file", "sources": [ { "db": "NVD", "id": "CVE-2006-6409" }, { "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "db": "BID", "id": "21461" }, { "db": "VULHUB", "id": "VHN-22517" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2006-6409", "trust": 2.8 }, { "db": "BID", "id": "21461", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2006-001714", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200612-173", "trust": 0.7 }, { "db": "BUGTRAQ", "id": "20061206 MULTIPLE VENDOR UNUSUAL MIME ENCODING CONTENT FILTER BYPASS", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-22517", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-22517" }, { "db": "BID", "id": "21461" }, { "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "db": "NVD", "id": "CVE-2006-6409" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "id": "VAR-200612-0588", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-22517" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:11:19.974000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.f-secure.com/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-001714" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2006-6409" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.quantenblog.net/security/virus-scanner-bypass" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/21461" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6409" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6409" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/453654/100/0/threaded" }, { "trust": 0.3, "url": "http://www.bitdefender.com" }, { "trust": 0.3, "url": "http://www.clamav.net/" }, { "trust": 0.3, "url": "http://www.f-prot.com/" }, { "trust": 0.3, "url": "http://www.kaspersky.com/" }, { "trust": 0.3, "url": "http://kolab.org/security/kolab-vendor-notice-14.txt" }, { "trust": 0.3, "url": "/archive/1/453654" } ], "sources": [ { "db": "VULHUB", "id": "VHN-22517" }, { "db": "BID", "id": "21461" }, { "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "db": "NVD", "id": "CVE-2006-6409" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-22517" }, { "db": "BID", "id": "21461" }, { "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "db": "NVD", "id": "CVE-2006-6409" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-12-10T00:00:00", "db": "VULHUB", "id": "VHN-22517" }, { "date": "2006-12-06T00:00:00", "db": "BID", "id": "21461" }, { "date": "2012-06-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "date": "2006-12-10T02:28:00", "db": "NVD", "id": "CVE-2006-6409" }, { "date": "2006-12-09T00:00:00", "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-17T00:00:00", "db": "VULHUB", "id": "VHN-22517" }, { "date": "2016-07-06T14:40:00", "db": "BID", "id": "21461" }, { "date": "2012-06-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2006-001714" }, { "date": "2018-10-17T21:48:03.410000", "db": "NVD", "id": "CVE-2006-6409" }, { "date": "2006-12-11T00:00:00", "db": "CNNVD", "id": "CNNVD-200612-173" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200612-173" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Linux Gateways of F-Secure Anti-Virus Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2006-001714" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Design Error", "sources": [ { "db": "BID", "id": "21461" }, { "db": "CNNVD", "id": "CNNVD-200612-173" } ], "trust": 0.9 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.