The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
2d1368f34cff9cc52d2696d0eccc0d18The AVAST parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating a ZIP archive so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
2a5619ab4bba5b0d39515674edc6e6b1The F-SECURE parsing engine supports the GZIP Archive. The parsing engine can be bypassed by manipulating a GZIP archive (Compression Method). This way the User can extract the file but the AV Engine cannot giving the file a clean pass. Various products and versions are affected.
249cbeaab013141f01432e1cab62a8a6The AVIRA parsing engine supports the ISO container format. The parsing engine can be bypassed by specifically manipulating the ISO Archive This leads to the Endpoint ignoring the container and the Gateways to let this file slip through uninspected. Avira does not patch or update their very popular command line scanner that is still available for download on their website. AV Engine versions below 8.3.54.138 are affected.
46ba66f6cda072712c42db3e0f597db6The Bitdefender parsing engine supports the GZIP archive format. The parsing engine can be bypassed by specifically manipulating a GZIP Archive (Compression Method) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
98239a25a94376bf3a80578aae377a8bThe Kaspersky parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (File Name length Field) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
823c4edc758b7da4ee2da02a741a9952The F-SECURE parsing engine supports the RAR Archive. The parsing engine can be bypassed by specifically manipulating a RAR archive. Various products are affected.
192bc50776f25bf49730d36c48892734The AVIRA parsing engine can be bypassed by specifically manipulating the ZIP Archive (GPFLag) making the Avira parser believes the file to be encrypted although it isn't. This leads to the Endpoint ignoring the archive and the Avira Gateway Solutions to follow the "File is encrypted" logic.
6e004bfa1a3b7ba17f65b840b147c977The ESET parsing engine can be bypassed by specifically manipulating a ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
b070d226240b5ffffd20b8b5dd28cd36The Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (RAR Compression Information) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.
9ef57e4723299740f953c5176cce48f3The Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (Compressed Size) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.
c3051127930c29478cb249b21d1022b1The Kaspersky parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (File Name Length Field) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating. A vast array of Kaspersky products are affected.
ea351cdfa434ec38583fdb174905503eBitdefender products suffer from a ZIP GPFLAG malformed archive bypass vulnerability. Affected includes all Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019.
6f75acbd8899bedae1f80ba34a5c05e1The parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
81a8ef5675cb81458a3c0622ae1d3bb8The parsing engine in various Kaspersky products supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (Compression Size Flag) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
8c75c890b3117a95e00edfc1d15eba80The Bitdefender parsing engine supports the BZIP archive format. The parsing engine can be bypassed by specifically manipulating an BZIP archive so that it can be accessed by an end-user but not the antivirus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. Many Bitdefender products are affected.
cdab15d8649e62f906f6d477e835bbf3Various ESET products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
f10f389ae694b215abb2e4c2a013b423Various Kaspersky products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
ca36137639ccd5a94d3f5edfcf83fc20AVIRA engine versions below 8.3.54.138 suffer from a generic bypass vulnerability. The parsing engine supports the ISO container format. The parsing engine can be bypassed by specifically manipulating an ISO container so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
c0e4ae9f187665effb5e7ea15ffb7ef3GMA aka Good Mobile Access, part of the Good For Enterprise application, failed to validate server authenticity in versions prior to 2.0.2.
246f26b78da591033bed7bad920b79cfThis report gives general recommendations as to how to configure SSL/TLS in order to provide state of the art authentication and encryption. The options offered by SSL engines grew from the early days since Netscape developed SSL2.0. The introduction of TLS made matters more challenging as servers and clients offer different sets of available options depending on which SSL engine (OpenSSL, NSS, SCHANNEL, etc.) they use. Finding the middle ground has proven difficult especially as the supported protocols and cipher suites are mostly not documented. To make matters more complicated Browsers may not use all functionality offered by the SSL stack, this report will only list functionality used by current Browsers. This report provides an overview of the currently available TLS options across Servers and Clients and allows you to offer support for a wide variety of Browsers an offer "good enough" security.
ea3ba9ca23ddccb36b094184551e503dCheckpoint SNX suffers from a privilege escalation vulnerability. Included products are the SSL Network Extender, Endpoint Security Client, Endpoint Connect, and Endpoint Security VPN.
914274b524f02697ff9326e3f173bdda"Harden SSL/TLS" hardens the default SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows you to remotely set SSL/TLS policies allowing or denying certain ciphers/hashes or complete ciphersuites.
5db5730516652db7e4920cf04249469bDeveloped as part of G-SEC's investigation for the "Secure SSL/TLS configuration Report 2010", they developed this little tool called SSL Audit. SSL Audit scans web servers for SSL support, unlike other tools it is not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known cipher suites. It also has a fingerprinting mode.
862a18ea08deccd5a2a9c9e7db074ebfThis paper explains the TLS / SSLv3 vulnerability for a broader audience and summarizes the information that is currently available. This is an update to the original release.
c5beb910e8fe191ec7d383166a44716c
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed