CVE-2008-5747 - F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF

CVE-2008-5747

Summary

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-secure was incorrectly stated as the vendor.

References

Vulnerable Configurations

cpe:2.3:a:f-prot:f-prot_antivirus:4.6.8:*:linux:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:4.6.8:*:linux:*:*:*:*:*

CVSS

Base:	5.0 (as of 11-10-2018 - 20:56)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	32753
bugtraq	20081210 [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass 20081216 Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass 20081222 Re: [IVIZ-08-016] F-Secure f-prot Antivirus for Linux corrupted ELF header Security Bypass
gentoo	GLSA-200904-14
misc	http://www.ivizsecurity.com/security-advisory-iviz-sr-08016.html
secunia	34700
sreason	4822

Last major update

11-10-2018 - 20:56

Published

29-12-2008 - 15:24

Last modified

11-10-2018 - 20:56