Title: Frisk F-Prot Antivirus Command Line Scanner Buffer Overflow Vulnerability
Severity: MODERATE
Description:
Frisk F-Prot Antivirus for Linux and BSD contains a command line antivirus scanner that can be used in conjunction with scheduled backup scripts.
The F-Prot command line scanner is prone to a buffer overflow due to insufficient bounds checking on the file name argument.
If an unusually long file name is supplied as a parameter to the command line scanner, the buffer will be overrun, potentially resulting in the execution of arbitrary code. While the scanner is not setuid or setgid, if the scanner was run through a backup script (or similar third-party application) by a privileged user to scan the filesystem, a malicious user could insert a file with an unusually long name, causing code to be executed in the security context of the user initiating the scan.
This vulnerability was reported to affect F-Prot 3.12b, however, earlier versions may also be vulnerable.
Affected Products:
- Frisk Software F-Prot Antivirus for Linux and BSD 3.12.0 b
References:
- F-Prot Antivirus Technical Support <support@f-prot.com>: Regarding F-Prot for Linux
- Frisk Software: F-Prot Update Center
- Knud Erik Højgaard <kain@ircop.dk>: Fw: f-prot antivirus useless buffer overflow
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
