The QuickHeal parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (GPFLAG) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
21b40b46cf54a2a2543b7b5d28c8636ee603079b9c6d362408cdc930b9943fe1The AVAST parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating a ZIP archive so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
04142bff062e990548f8097f71222a4ee9c85d1768f97fcbf3deca2f91ed21e3The F-SECURE parsing engine supports the GZIP Archive. The parsing engine can be bypassed by manipulating a GZIP archive (Compression Method). This way the User can extract the file but the AV Engine cannot giving the file a clean pass. Various products and versions are affected.
fbec8e3dcdca05c0034af0f09e6fb074d27522a6d8e9187b70e6a9d79f55cbb6The AVIRA parsing engine supports the ISO container format. The parsing engine can be bypassed by specifically manipulating the ISO Archive This leads to the Endpoint ignoring the container and the Gateways to let this file slip through uninspected. Avira does not patch or update their very popular command line scanner that is still available for download on their website. AV Engine versions below 8.3.54.138 are affected.
e3a1a68dae3a544a78b4225ef81e20a998dd5f42a98b27d7f851c97568992124The Bitdefender parsing engine supports the GZIP archive format. The parsing engine can be bypassed by specifically manipulating a GZIP Archive (Compression Method) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
c256232508baed278b7019fdb1635fe3c42c5be13f855d4c505917c5e8668458The Kaspersky parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (File Name length Field) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
120b942ba426b1b9b55e704db5b9c97a9ee87d788829b6e6ce558de71c97c890The F-SECURE parsing engine supports the RAR Archive. The parsing engine can be bypassed by specifically manipulating a RAR archive. Various products are affected.
f8afc9d260d24a97130afc2b29b93956227a49e671abb3b13665f13a1b0de68dThe AVIRA parsing engine can be bypassed by specifically manipulating the ZIP Archive (GPFLag) making the Avira parser believes the file to be encrypted although it isn't. This leads to the Endpoint ignoring the archive and the Avira Gateway Solutions to follow the "File is encrypted" logic.
ac2daf7bcc95857b4f5049cebd3177cbe3381b4badbb37ff3079ae24ed46821aThe ESET parsing engine can be bypassed by specifically manipulating a ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
e2f741cde9f439ac70973eeae7d76a4af0d0b4eb7a85e38074a57965ddaf71b3The Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (RAR Compression Information) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.
56d047fd1371cddc803a7c6831bbb28724f403134f3ad701d0d1f2b2b8a12b6dThe Bitdefender parsing engine supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (Compressed Size) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. All Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019 are affected.
1ee5d2c1f340adcecb8d86ba987e2df0e0cc93d8618945a14a6393943bdd41ceThe Kaspersky parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (File Name Length Field) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating. A vast array of Kaspersky products are affected.
5ace3f40cceae356bd67470cd3e790eaead40adc7b7b21eaab4d4e91d3df1bc0Bitdefender products suffer from a ZIP GPFLAG malformed archive bypass vulnerability. Affected includes all Bitdefender Products and Vendors that have licensed the Engine before Dec 12, 2019.
8a04a45f5bad5e89212de014eb589ed0ff5c2e09cbfb8bce3337bc332720c94bThe parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
793090fba48547497446172319a1c4df12912499fed2f2b0ce09b16332463da7The parsing engine in various Kaspersky products supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (Compression Size Flag) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
9de58a261f7a885904785912ed09937ff3ced4a9bf116489ceebbeb94fc32870The Bitdefender parsing engine supports the BZIP archive format. The parsing engine can be bypassed by specifically manipulating an BZIP archive so that it can be accessed by an end-user but not the antivirus software. The AV engine is unable to scan the archive and issues the file a "clean" rating. Many Bitdefender products are affected.
db03e9aa748a184f6f406c631f87e33d5d91312f61fbfe71c3deba6c9f7a8469Various ESET products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive Compression Information Field so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
e595080ef9294e0013cd99505d0511438b8e9a9b7f4057d2da69f4d459dfb3dbVarious Kaspersky products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
a286067acc022536c419ead7b3c44c32cae3b28176e030a8b391001836b03a1cAVIRA engine versions below 8.3.54.138 suffer from a generic bypass vulnerability. The parsing engine supports the ISO container format. The parsing engine can be bypassed by specifically manipulating an ISO container so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
85c4b06afcbbc9a3f987b258ae2ab7050eaf9660ac992ddb9e1593f4bc088632GMA aka Good Mobile Access, part of the Good For Enterprise application, failed to validate server authenticity in versions prior to 2.0.2.
437e815284a5837eb0e26f1d859c302fe999bb741e9a78b22782fe918ba09bc1This report gives general recommendations as to how to configure SSL/TLS in order to provide state of the art authentication and encryption. The options offered by SSL engines grew from the early days since Netscape developed SSL2.0. The introduction of TLS made matters more challenging as servers and clients offer different sets of available options depending on which SSL engine (OpenSSL, NSS, SCHANNEL, etc.) they use. Finding the middle ground has proven difficult especially as the supported protocols and cipher suites are mostly not documented. To make matters more complicated Browsers may not use all functionality offered by the SSL stack, this report will only list functionality used by current Browsers. This report provides an overview of the currently available TLS options across Servers and Clients and allows you to offer support for a wide variety of Browsers an offer "good enough" security.
afe6f4a0ab4ce26e52bdcf64e8ae768dd81416309332ac0a348749bb8aaf5074Checkpoint SNX suffers from a privilege escalation vulnerability. Included products are the SSL Network Extender, Endpoint Security Client, Endpoint Connect, and Endpoint Security VPN.
5a6d54cd88685ffaad03d53a56c8814889c848f58d1df04d1fd2faef83d0e166"Harden SSL/TLS" hardens the default SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows you to remotely set SSL/TLS policies allowing or denying certain ciphers/hashes or complete ciphersuites.
f6da94916529959fc189c5e46d110273a1d8f5e56414318132ae5e991fc92e46Developed as part of G-SEC's investigation for the "Secure SSL/TLS configuration Report 2010", they developed this little tool called SSL Audit. SSL Audit scans web servers for SSL support, unlike other tools it is not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known cipher suites. It also has a fingerprinting mode.
28724527671579a60227726d8f0274db7ecfcf5fa272303bdca45d92ef5cb702This paper explains the TLS / SSLv3 vulnerability for a broader audience and summarizes the information that is currently available. This is an update to the original release.
e3248ace7a5b9361f7b718d101f566a149375092c32ee63eca3bad0a84efdc31
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed