BitDefender PDF Scan Evasion

medium Nessus Plugin ID 38830

Synopsis

The remote host is running an antivirus application that is susceptible to a scan evasion attack.

Description

The remote version of BitDefender Antivirus is running with a signature update of May 13 2009 or earlier. Such versions are affected by a scan evasion vulnerability. An attacker can exploit this flaw to package malicious code in a specially crafted 'PDF' file so that it will not be detected by the scan engine.

Solution

Ensure the scan engine is using a signature update after May 13 2009 as that is reportedly when the vendor reportedly deployed a patch for the issue.

See Also

http://www.nessus.org/u?519e2879

Plugin Details

Severity: Medium

ID: 38830

File Name: bitdefender_pdf_scan_evasion.nasl

Version: 1.9

Type: local

Agent: windows

Family: Windows

Published: 5/20/2009

Updated: 8/7/2018

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Antivirus/BitDefender/Sigs_Update

Exploit Ease: No known exploits are available

Reference Information

BID: 35010