Detections
Analytics
F-Secure Anti-Virus for Windows system32 Directory Crafted File Detection Bypass
low Nessus Plugin ID 26193
Synopsis
The remote Windows host has an antivirus application that may fail to scan selected files.Description
The remote host is running F-Secure Anti-Virus for Windows Servers.According to its version, the installation of this software on the remote host may allow an attacker by bypass antivirus scanning by placing a specially crafted archive or packed executable into the 'system32' folder.
Note that this issue only affects 64-bit server platforms, which Nessus has determined the remote host to be.
Solution
Apply the patch referenced in the vendor advisory above.See Also
https://www.f-secure.com/en/web/labs_global/security-advisories
Plugin Details
Severity: Low
ID: 26193
File Name: fsecure_fsc2007_6.nasl
Version: 1.17
Type: local
Agent: windows
Family: Windows
Published: 9/28/2007
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Low
Base Score: 1.9
Temporal Score: 1.4
Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: cpe:/a:f-secure:f-secure_anti-virus
Required KB Items: SMB/WindowsVersion, SMB/name, SMB/login, SMB/password
Exploit Ease: No known exploits are available
Reference Information
CVE: CVE-2007-5143
BID: 25824