Secunia Security Advisory - Tavis Ormandy has reported multiple vulnerabilities in Sophos Anti-Virus, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
b08a7c2470ab6518631923185870143cd4ca98e17ae244daa22662ea9f1a6633By design, antivirus products introduce a vast attack surface to a hostile environment. The vendors of these products have a responsibility to uphold the highest secure development standards possible to minimize the potential for harm caused by their software. This second paper in a series on Sophos internals applies the results previously presented to assess the increased threat Sophos customers face. This paper is intended for a technical audience, and describes the process a sophisticated attacker would take when targeting Sophos users.
6e947610a5f61d4dfef968f6267c1b7f69d040adf4a3f5f08d7edf9ebe6f3000The Kindsight Security Labs Q3 2012 Malware Report examines general trends for malware infections in home networks or infections in mobile devices and computers connected through mobile adapters. The data in this report is aggregated across the networks where Kindsight solutions are deployed.
4358fac16115036cd5347643c7df24ea0a1c9963e8d996174c8561f908070ef5Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
a15a2bb9200ac9f2c6f1c5e1072ac265a2c4fe5a9be4663b47d076afdfa123f8Secunia Security Advisory - Artem Chaykin has reported a vulnerability in Dr.Web Anti-virus for Android, which can be exploited by malicious people to disclose sensitive information.
ccac48f9b1e4e5e39edf8c44ef436c8187f7bce3c4538e66ff4b1d8dd6e50587Dr.Web Anti-Virus versions 7.00.0 and below suffer from a remote SQL injection vulnerability.
1f26f1d9a0c53d31cf524b8a8317a2acbba4e04bbcfa37d8609fe95557379ad4VirusScan Enterprise Antivirus product may have a bug (or a vulnerability) in its parser that can lead to wrong action status messages and reports, malicious file scan bypass, and name spoofing by adding the magic line to the beginning of the file header.
2245ea07c6a13e3cfa317e75e1bd13e79210f3bafacb32336208b8c41a1e3a8fClam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
db6c5e1a5ec8ca0b8006cf82661d3158d3365ba1b4bc14c03c5d0bca89a93c0dClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.
4cc0cb65a43b084856fe6c79649ded144d8b596d567a16eaa32c9ede9bc42ab4HP Security Bulletin HPSBPV02754 SSRT100803 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches containing compact flash cards which may be infected with a virus. Reuse of an infected compact flash card in a personal computer could result in a compromise of that system's integrity. Revision 1 of this advisory.
aa894cef3a0c2ea1f2d4d52dda2a5961a24ed2dc9729d8ce131a84f0c7de1ae2Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
958dd09c9da9ceb50c9e556b3ced9cbdf40e836d2bdc98286ce96e84fd4a5a53Barracuda Spam/Virus WAF 600 suffers from a cross site scripting vulnerability.
7be3777e4289e96e5e7b2bf2cec69b4513fe8bef931de3ae26a8d16cf5177ebfThis malware report is part 1 of 2. This report is an effort to track, categorize, contain, understand root cause and infection vector of said user account/s, networked equipment or computer/s. This report pertains to all incidents reported by TIER II help desk, TIER III engineers, customer complaints or random IT Security audit/finding/pen test.
8ace29513474b3ae5ebf23335d1c8782b885f19d4f5db31bcf348fcb6e7db1b8Kaspersky Internet Security 2011/2012 and Kaspersky Anti-Virus 2011/2012 suffer from a local memory corruption vulnerability.
18c23b61b3a5130f1676e81339edfa843b2843bccb7b7083fd3c502bd069ce8eWhitepaper called Anti-Virus Evasion Techniques. Some of the techniques discussed are binding and splitting, converting exe to executable client side scripts, and performing code obfuscation/morphing.
a67e9dfc2edc6ef44c9c82a4132902d3b4329e23e0b4c682cc1ef2191fb41ee3The SAP NetWeaver Virus Scan interface suffers from multiple cross site scripting vulnerabilities.
bb8285b3a50293e1b7955490ff1a6f95c2a536a27d3d98b985e8678a317a3799Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
3a8cece5b7e6b15410f6b8f96ff5591b2c5a72f290ee8a28fefda44cb5ae7abaThe service at anti-virus.cloudflare.com suffers from a cross site scripting vulnerability.
b6ee5497426ebce31868121289c9ae738ae0ad5026abab52cd9dbc4650ad8848Qmail-Scanner, (previously known as scan4virus) is an addon that enables a Qmail Email server to scan all gatewayed Email for certain characteristics. It is typically used for its anti-virus protection functions, in which case it is used in conjunction with commercial virus scanners, but also enables a site to react to Email (at a server/site level) that contains specific strings in particular headers, or particular attachment filenames or types.
b6c430c81efd41bd28e56fb60e6e1ecbd98e44346c2faad69ff164960f042247Whitepaper called "Embedding the Payload" or "How to avoid AV-Detection". The main goal of this paper focuses on how to undermine system integrity by circumventing anti-virus detection.
14edf4f453f8794728b0ac49c1d1ae57bab9b38e68a39ab9849188b3c9dd702dF-Secure Anti-Virus 2010 / 2011 and Internet Security 2010 / 2011 active-x SEH overwrite exploit.
b38eddf800c45049b97bae2be28253121ba1933544a054983303e953ef2b916fThis paper describes the results of a thorough examination of Sophos Antivirus internals. The author presents a technical analysis of claims made by the vendor, and publishes the tools and reference material required to reproduce their results. Furthermore, they examine the product from the perspective of a vulnerability researcher, exploring the rich attack surface exposed, and demonstrating weaknesses and vulnerabilities.
57ecb0848e5b99ef5678dc00d7aabb2718195a8bb23f387f2d5ff429df854455Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
91503f8cff482cac1f2c951c5d62a7da8a17ba3b32eb8fa2800e29c03c7cd58aWhitepaper called Fake Malware and Virus Scanners. Rogue security software reports a virus infection, even if your computer is clean. This kind of "software" could also fail to report viruses when your computer is infected. This document show what are the mechanisms to obfuscate this process.
0305582fef0a334d0098bff6db770a8a71c665735a44588fdd53e7b219351d8cWhitepaper called Client-Side Threats - Anatomy of Reverse Trojan Attacks. Client-side vulnerabilities are among the biggest threats facing users. Attackers are going after weaknesses in desktop applications such as browsers, media players, common office applications and e-mail clients to install malicious software, often Trojan horses and rootkits. This document explains in detail these threats while how to prevent them.
2c1afb10f1f364d84902aa704ae75b54b7d538279adb0348248fba3c6e22acf9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed