Secunia Security Advisory - Secunia Research has discovered a vulnerability in various HAURI anti-virus products, which can be exploited by malicious people to compromise a vulnerable system.
fd54b3fe7a89bedebaa6c55605875e577b537df6e435a49255fc2b743de6ae18
TITLE:
HAURI Anti-Virus ALZ Archive Handling Buffer Overflow
SECUNIA ADVISORY ID:
SA16852
VERIFY ADVISORY:
http://secunia.com/advisories/16852/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
HAURI LiveCall
http://secunia.com/product/5448/
ViRobot Advanced Server
http://secunia.com/product/5556/
ViRobot Expert 4.x
http://secunia.com/product/5557/
DESCRIPTION:
Secunia Research has discovered a vulnerability in various HAURI
anti-virus products, which can be exploited by malicious people to
compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the archive
decompression library when reading the filename of a compressed file
from an ALZ archive. This can be exploited to cause a stack-based
buffer overflow when a malicious ALZ archive is scanned.
Successful exploitation allows arbitrary code execution, but requires
that compressed file scanning is enabled.
The vulnerability has been confirmed in vrAZMain.dll version
5.8.22.137 used by the following products:
* ViRobot Expert 4.0
* ViRobot Advanced Server
* HAURI LiveCall
Prior versions may also be affected.
SOLUTION:
Apply updates.
ViRobot Expert 4.0 / ViRobot Advanced Server:
Update to the latest version via online update. (vrAZMain.dll version
5.9.22.154)
HAURI LiveCall:
Update to the latest version by visiting the vendor's LiveCall
website. (vrAZMain.dll version 5.9.22.154)
PROVIDED AND/OR DISCOVERED BY:
Tan Chew Keong, Secunia Research.
ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2005-47/advisory/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------